Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8
9(* constrain sledgehammer to the abstraction layer *)
10unbundle AOT_no_atp
11
12(* To enable meta syntax: *)
13(*interpretation AOT_meta_syntax.*)
14(* To disable meta syntax: *)
15interpretation AOT_no_meta_syntax.
16
17(* To enable AOT syntax (takes precedence over meta syntax; can be done locally using "including" or "include"): *)
18unbundle AOT_syntax
19(* To disable AOT syntax (restoring meta syntax or no syntax; can be done locally using "including" or "include"): *)
20(* unbundle AOT_no_syntax *)
21
22AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
23  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
24lemmas MP = "modus-ponens"
25
26AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
27  using assms by simp
28
29AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
30  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
31
32attribute_setup act_axiom_inst =
33  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
34  "Instantiate modally fragile axiom as modally fragile theorem."
35
36AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
37  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
38
39attribute_setup axiom_inst =
40  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
41  "Instantiate axiom as theorem."
42
43method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
44method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
45
46AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
47  using assms by blast
48
49AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
50  using MP assms by blast
51
52AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
53  using MP assms by blast
54
55AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
56  using assms by argo
57
58AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
59  using MP "pl:1"[axiom_inst] assms by blast
60
61AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
62  using MP assms by blast
63lemmas "→E" = "vdash-properties:10"
64
65AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
66  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
67lemmas GEN = "rule-gen"
68
69AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
70  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
71AOT_theorem RN: assumes  φ shows φ
72  using "RN[prem]" assms by blast
73
74AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
75  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
76AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
77  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
78(* NOTE: for convenience also state the above as regular theorems *)
79AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
80  using "df-rules-formulas[1]"[axiom_inst, OF assms].
81AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
82  using "df-rules-formulas[2]"[axiom_inst, OF assms].
83
84
85AOT_axiom "df-rules-terms[1]":
86  assumes τ{α1...αn} =df σ{α1...αn}
87  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
88  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
89AOT_axiom "df-rules-terms[2]":
90  assumes τ =df σ
91  shows (σ  τ = σ) & (¬σ  ¬τ)
92  by (metis "df-rules-terms[1]" case_unit_Unity assms)
93(* NOTE: for convenience also state the above as regular theorems *)
94AOT_theorem "df-rules-terms[3]":
95  assumes τ{α1...αn} =df σ{α1...αn}
96  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
97  using "df-rules-terms[1]"[axiom_inst, OF assms].
98AOT_theorem "df-rules-terms[4]":
99  assumes τ =df σ
100  shows (σ  τ = σ) & (¬σ  ¬τ)
101  using "df-rules-terms[2]"[axiom_inst, OF assms].
102
103
104AOT_theorem "if-p-then-p": φ  φ
105  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
106
107AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
108  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
109lemmas CP = "deduction-theorem"
110lemmas "→I" = "deduction-theorem"
111
112AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
113  using "→E" "→I" assms by blast
114AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
115  using "→E" "→I" assms by blast
116
117AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
118  using "→E" "→I" assms by blast
119declare "ded-thm-cor:3"[trans]
120AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
121  using "→E" "→I" assms by blast
122
123lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
124
125AOT_theorem "useful-tautologies:1": ¬¬φ  φ
126  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
127AOT_theorem "useful-tautologies:2": φ  ¬¬φ
128  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
129AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
130  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
131AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
132  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
133AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
134  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
135
136AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
137  by (metis "→I" MP "useful-tautologies:4")
138
139AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
140  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
141
142AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
143  by (metis "→I" MP "useful-tautologies:5")
144
145AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
146  by (metis "→I" MP "useful-tautologies:6")
147
148AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
149  by (metis "→I" MP "pl:3"[axiom_inst])
150
151AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
152  using MP "useful-tautologies:2" assms by blast
153lemmas "¬¬I" = "dn-i-e:1"
154AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
155  using MP "useful-tautologies:1" assms by blast
156lemmas "¬¬E" = "dn-i-e:2"
157
158AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
159  using MP "useful-tautologies:5" assms by blast
160AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
161  using "¬¬I" "modus-tollens:1" assms by blast
162lemmas MT = "modus-tollens:1" "modus-tollens:2"
163
164AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
165  using "→I" MT(1) assms by blast
166AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
167  using "→I" "¬¬E" MT(2) assms by blast
168
169AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
170  using "→I" MT(2) assms by blast
171
172(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
173AOT_theorem "reductio-aa:1":
174  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
175  using "→I" "¬¬E" MT(2) assms by blast
176AOT_theorem "reductio-aa:2":
177  assumes φ  ¬ψ and φ  ψ shows ¬φ
178  using "reductio-aa:1" assms by blast
179lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
180
181AOT_theorem "exc-mid": φ  ¬φ
182  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
183
184AOT_theorem "non-contradiction": ¬(φ & ¬φ)
185  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
186
187AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
188  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
189AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
190  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
191lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
192
193AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
194  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
195AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
196  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
197lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
198
199AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
200  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
201lemmas Adjunction = "con-dis-taut:5"
202
203AOT_theorem "con-dis-taut:6": (φ & φ)  φ
204  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
205lemmas "Idempotence of &" = "con-dis-taut:6"
206
207AOT_theorem "con-dis-taut:7": (φ  φ)  φ
208proof -
209  {
210    AOT_assume φ  φ
211    AOT_hence ¬φ  φ
212      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
213    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
214  }
215  moreover {
216    AOT_assume φ
217    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
218  }
219  ultimately AOT_show (φ  φ)  φ
220    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
221    by (metis Adjunction "→I")
222qed
223lemmas "Idempotence of ∨" = "con-dis-taut:7"
224
225
226AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
227  using Adjunction MP assms by blast
228lemmas "&I" = "con-dis-i-e:1"
229
230AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
231  using "Conjunction Simplification"(1) MP assms by blast
232AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
233  using "Conjunction Simplification"(2) MP assms by blast
234lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
235
236AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
237  using "Disjunction Addition"(1) MP assms by blast
238AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
239  using "Disjunction Addition"(2) MP assms by blast
240AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
241  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
242lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
243
244AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
245  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
246AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
247  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
248AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
249  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
250lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
251
252AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
253  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
254AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
255  using "raa-cor:1" assms by blast
256AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
257  using RAA assms by blast
258AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
259  using RAA assms by blast
260AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
261  using RAA assms by blast
262AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
263  using RAA assms by blast
264
265(* TODO: note these need manual introduction rules *)
266AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
267  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
268     (metis "&E" "&I" "raa-cor:3" "→I" MP)
269AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
270  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
271     (metis "&E" "&I" "raa-cor:3" "→I" MP)
272AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
273  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
274     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
275
276AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
277  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
278     (meson "&I" "&E" "→I")
279lemmas "Commutativity of &" = "oth-class-taut:2:a"
280AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
281  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
282     (metis "&I" "&E" "→I")
283lemmas "Associativity of &" = "oth-class-taut:2:b"
284AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
285  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
286     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
287lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
288AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
289  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
290     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
291lemmas "Associativity of ∨" = "oth-class-taut:2:d"
292AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
293  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
294      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
295lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
296AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
297  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
298        "→I" "→E" "&E" "&I"
299  by metis
300lemmas "Associativity of ≡" = "oth-class-taut:2:f"
301
302AOT_theorem "oth-class-taut:3:a": φ  φ
303  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
304AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
305  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
306AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
307  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
308
309AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
310  by (metis "→E" "→I")
311AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
312  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
313        "→I" "→E" "&E" "&I" RAA by metis
314AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
315  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
316        "→I" "→E" "&E" "&I" by metis
317AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
318  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
319        "→I" "→E" "&E" "&I" by metis
320AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
321  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
322        "→I" "→E" "&E" "&I" by metis
323AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
324  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
325        "→I" "→E" "&E" "&I" by metis
326(* TODO: nicer proof *)
327AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
328  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
329   apply (drule "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
330   apply (metis "&I" "&E" "∨I"(1,2) MT(1) "raa-cor:3")
331  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
332  using "&E" "∨E"(2) "raa-cor:3" by blast+
333AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
334  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
335  apply (metis "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
336  by (metis "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
337AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
338  using "conventions:3"[THEN "df-rules-formulas[4]"]
339        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
340AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
341  using "conventions:3"[THEN "df-rules-formulas[4]"]
342        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
343AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
344  using "conventions:3"[THEN "df-rules-formulas[4]"]
345        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
346AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
347  using "conventions:3"[THEN "df-rules-formulas[4]"]
348        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
349
350lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
351
352AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
353  using "conventions:3"[THEN "df-rules-formulas[4]"]
354        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
355AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
356  using "conventions:3"[THEN "df-rules-formulas[4]"]
357        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
358
359AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
360  by (metis "&I" "→E" "→I")
361lemmas Exportation = "oth-class-taut:7:a"
362AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
363  by (metis "&E" "→E" "→I")
364lemmas Importation = "oth-class-taut:7:b"
365
366AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
367  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
368lemmas Permutation = "oth-class-taut:8:a"
369AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
370  by (metis "&I" "→E" "→I")
371lemmas Composition = "oth-class-taut:8:b"
372AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
373  by (metis "∨E"(2) "→E" "→I" RAA(1))
374AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
375  by (metis "&E" "&I" "→E" "→I")
376lemmas "Double Composition" = "oth-class-taut:8:d"
377AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
378  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
379            "→I" "→E" "&E" "&I")
380AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
381  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
382            "→I" "→E" "&E" "&I")
383AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
384  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
385            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
386AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
387  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
388            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
389AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
390  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
391            "→I" "→E" "&E" "&I")
392
393AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
394  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
395
396AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
397  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
398lemmas "≡I" = "intro-elim:2"
399
400AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
401  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
402AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
403  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
404AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
405  using "intro-elim:3:b" "raa-cor:3" assms by blast
406AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
407  using "intro-elim:3:a" "raa-cor:3" assms by blast
408AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
409  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
410declare "intro-elim:3:e"[trans]
411AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
412  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
413lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
414
415declare "Commutativity of ≡"[THEN "≡E"(1), sym]
416
417AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
418  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
419lemmas "≡Df" = "rule-eq-df:1"
420AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
421  using "≡Df" "≡E"(1) assms by blast
422lemmas "≡dfE" = "rule-eq-df:2"
423AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
424  using "≡Df" "≡E"(2) assms by blast
425lemmas "≡dfI" = "rule-eq-df:3"
426
427AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
428  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
429(* TODO: this is a slight variation from PLM *)
430AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
431  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
432lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
433
434AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
435  using "→E" "cqt:1"[axiom_inst] assms by blast
436AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
437  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
438(* TODO: precise proviso in PLM *)
439AOT_theorem "rule-ui:2[lambda]":
440  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
441  shows φ{ν1...νn ψ{ν1...νn}]}
442  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
443AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
444  by (simp add: "rule-ui:2[const_var]" assms)
445lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
446
447AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
448AOT_theorem "cqt-orig:1[lambda]":
449  assumes INSTANCE_OF_CQT_2(ψ)
450  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
451  by (simp add: "∀E"(3) "→I" assms)
452AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
453  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
454AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
455
456(* TODO: work out difference to GEN *)
457AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
458  using GEN assms .
459lemmas "∀I" = universal
460
461(* Generalized mechanism for "∀I" followed by ∀E *)
462ML463fun get_instantiated_allI ctxt varname thm = let
464val trm = Thm.concl_of thm
465val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
466                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
467fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
468    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
469  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
470  | extractVars (Abs (_, _, t)) = extractVars t
471  | extractVars _ = []
472val vars = extractVars trm
473val vars = fold Term.add_vars vars []
474val var = hd vars
475val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
476              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
477val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
478      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
479       $ Var var, trm))
480val trm = Thm.cterm_of (Context.proof_of ctxt) trm
481val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
482val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
483val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
484val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
485val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
486in
487allthm
488end
489
490
491attribute_setup "∀I" =
492  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
493  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
494  "Quantify over a variable in a theorem using GEN."
495
496attribute_setup "unvarify" =
497  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
498  (fn ctxt => fn thm =>
499    let
500    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
501    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
502    in
503     thm
504    end))
505  "Generalize a statement about variables to a statement about denoting terms."
506
507(* TODO: rereplace-lem does not apply to the embedding *)
508
509AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
510  by (metis "≡I" "∀E"(2) "∀I" "→I")
511
512AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
513proof (rule "≡I"; rule "→I")
514  AOT_assume α(φ{α}  ψ{α})
515  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
516  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
517    using "≡E"(1,2) "→I" by blast+
518  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
519    by (auto intro: "&I" "∀I")
520next
521  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
522  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
523    using "∀E"(2) "&E" by blast+
524  AOT_hence φ{α}  ψ{α} for α
525    using "≡I" by blast
526  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
527qed
528
529AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
530proof(rule "→I")
531  AOT_assume α(φ{α}  ψ{α})
532  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
533  {
534    AOT_assume α φ{α}
535    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
536  }
537  moreover {
538    AOT_assume α ψ{α}
539    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
540  }
541  ultimately AOT_show α φ{α}  α ψ{α}
542    using "≡I" "→I" by auto
543qed
544
545AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
546proof(rule "→I")
547  AOT_assume 0: α(φ{α} & ψ{α})
548  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
549  AOT_thus α φ{α} & α ψ{α}
550    by (auto intro: "∀I" "&I")
551qed
552
553AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
554  using "cqt-orig:3" by blast
555
556AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
557  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
558
559AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
560  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
561
562AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
563  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
564
565AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
566proof -
567  {
568    AOT_assume α (φ{α}  ψ{α})
569    moreover AOT_assume α (ψ{α}  χ{α})
570    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
571    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
572    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
573  }
574  thus ?thesis using "&I" "→I" "&E" by meson
575qed
576
577AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
578proof(rule "→I"; rule "∀I")
579  fix β
580  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
581  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
582  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
583qed
584
585AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
586proof (rule "≡I"; rule "→I")
587  AOT_assume 0: α(φ{α}  ψ{α})
588  {
589    fix α
590    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
591    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
592  }
593  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
594next
595  AOT_assume 0: α(ψ{α}  φ{α})
596  {
597    fix α
598    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
599    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
600  }
601  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
602qed
603
604AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
605  by (simp add: "∀E"(2) "→I" GEN)
606
607AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
608  using "≡I" "→I" by blast
609
610AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
611  using "cqt:3"[axiom_inst] by auto
612
613AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
614  using "cqt-orig:2" by auto
615
616(* TODO: once more the same in the embedding... need to distinguish these better *)
617AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
618  using GEN assms .
619
620AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
621proof(rule "raa-cor:1")
622  AOT_assume ¬α φ{α}
623  AOT_hence α ¬φ{α}
624    using "≡dfI" "conventions:4" RAA "&I" by blast
625  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
626  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
627qed
628
629AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
630  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
631
632AOT_theorem "existential:2[lambda]":
633  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
634  shows α φ{α}
635  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
636lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
637
638AOT_theorem "instantiation":
639  assumes for arbitrary β: φ{β}  ψ and α φ{α}
640  shows ψ
641  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
642lemmas "∃E" = "instantiation"
643
644AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
645  using "∀E"(4) "∃I"(2) "→I" by metis
646
647AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
648  using "∀I" "∃I"(2) "→I" RAA by metis
649
650AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
651  using "∀E"(4) "∃E" "→I" RAA
652  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
653
654AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
655  using "∀I" "∃I"(2)"→I" RAA by metis
656
657AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
658  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
659
660AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
661  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
662
663AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
664  by (simp add: "oth-class-taut:3:a")
665
666AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
667  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
668
669AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
670  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
671
672AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
673proof(rule "→I"; rule "raa-cor:2")
674  AOT_assume 0: α φ{α} & ¬α ψ{α}
675  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
676  moreover AOT_assume α (φ{α}  ψ{α})
677  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
678  AOT_hence α ψ{α} using "∃I" by blast
679  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
680qed
681
682AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
683  using "≡I" "→I" "∃I"(2) "∃E" by metis
684
685AOT_theorem "log-prop-prop:1":  φ]
686  using "cqt:2[lambda0]"[axiom_inst] by auto
687
688AOT_theorem "log-prop-prop:2": φ
689  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
690
691AOT_theorem "exist-nec": τ  τ
692proof -
693  AOT_have β β
694    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
695  AOT_thus τ  τ
696    using "cqt:1"[axiom_inst] "→E" by blast
697qed
698
699(* TODO: replace this mechanism by a "proof by types" command *)
700class AOT_Term_id = AOT_Term +
701  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
702      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
703
704instance κ :: AOT_Term_id
705proof
706  AOT_modally_strict {
707    AOT_show κ = κ'  κ for κ κ'
708    proof(rule "→I")
709      AOT_assume κ = κ'
710      AOT_hence O!κ  A!κ
711        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
712           (meson "→I" "∨I"(1) "&E"(1))+
713      AOT_thus κ
714        by (rule "∨E"(1))
715           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
716    qed
717  }
718next
719  AOT_modally_strict {
720    AOT_show κ = κ'  κ' for κ κ'
721    proof(rule "→I")
722      AOT_assume κ = κ'
723      AOT_hence O!κ'  A!κ'
724        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
725           (meson "→I" "∨I" "&E")+
726      AOT_thus κ'
727        by (rule "∨E"(1))
728           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
729    qed
730  }
731qed
732
733instance rel :: (AOT_κs) AOT_Term_id
734proof
735  AOT_modally_strict {
736    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
737    proof(rule "→I")
738      AOT_assume Π = Π'
739      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
740    qed
741  }
742next
743  AOT_modally_strict {
744    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
745    proof(rule "→I")
746      AOT_assume Π = Π'
747      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
748    qed
749  }
750qed
751
752instance 𝗈 :: AOT_Term_id
753proof
754  AOT_modally_strict {
755    fix φ ψ
756    AOT_show φ = ψ  φ
757    proof(rule "→I")
758      AOT_assume φ = ψ
759      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
760    qed
761  }
762next
763  AOT_modally_strict {
764    fix φ ψ
765    AOT_show φ = ψ  ψ
766    proof(rule "→I")
767      AOT_assume φ = ψ
768      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
769    qed
770  }
771qed
772
773instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
774proof
775  AOT_modally_strict {
776    fix τ τ' :: 'a×'b
777    AOT_show τ = τ'  τ
778    proof (induct τ; induct τ'; rule "→I")
779      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
780      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
781      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
782      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
783      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
784    qed
785  }
786next
787  AOT_modally_strict {
788    fix τ τ' :: 'a×'b
789    AOT_show τ = τ'  τ'
790    proof (induct τ; induct τ'; rule "→I")
791      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
792      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
793      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
794      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
795      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
796    qed
797  }
798qed
799
800(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
801AOT_register_type_constraints
802  Term: _::AOT_Term_id› _::AOT_Term_id›
803AOT_register_type_constraints
804  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
805AOT_register_type_constraints
806  Relation: <_::{AOT_κs, AOT_Term_id}>
807
808AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
809proof(rule "→I")
810  AOT_assume assumption: Π = Π'
811  AOT_hence Π and Π'
812    using "t=t-proper:1" "t=t-proper:2" MP by blast+
813  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
814    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
815  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
816    using "∀E"(1) by blast
817  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
818    using assumption "→E" by blast
819  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
820    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
821  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
822    using "→E" by blast
823qed
824
825AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
826proof(rule "→I")
827  AOT_assume assumption: φ = ψ
828  AOT_hence φ and ψ
829    using "t=t-proper:1" "t=t-proper:2" MP by blast+
830  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
831    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
832  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
833    using "∀E"(1) by blast
834  AOT_hence (φ  φ)  (φ  ψ)
835    using assumption "→E" by blast
836  moreover AOT_have (φ  φ)
837    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
838  ultimately AOT_show (φ  ψ)
839    using "→E" by blast
840qed
841
842AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
843proof -
844  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
845  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
846    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
847  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
848    using "∀E"(1) by blast
849  AOT_thus φ{σ} using assms "→E" by blast
850qed
851
852AOT_theorem "propositions-lemma:1":  φ] = φ
853proof -
854  AOT_have φ by (simp add: "log-prop-prop:2")
855  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
856  ultimately AOT_show  φ] = φ
857    using "∀E" by blast
858qed
859
860AOT_theorem "propositions-lemma:2":  φ]  φ
861proof -
862  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
863  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
864qed
865
866(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
867
868AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
869  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
870
871(* dr-alphabetic-rules does not apply *)
872
873AOT_theorem "oa-exist:1": O!
874proof -
875  AOT_have x [E!]x] by "cqt:2[lambda]"
876  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
877  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
878qed
879
880AOT_theorem "oa-exist:2": A!
881proof -
882  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
883  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
884  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
885qed
886
887AOT_theorem "oa-exist:3": O!x  A!x
888proof(rule "raa-cor:1")
889  AOT_assume ¬(O!x  A!x)
890  AOT_hence A: ¬O!x and B: ¬A!x
891    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
892  AOT_have C: O! = x [E!]x]
893    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
894  AOT_have D: A! = x ¬[E!]x]
895    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
896  AOT_have E: ¬x [E!]x]x
897    using A C "rule=E" by fast
898  AOT_have F: ¬x ¬[E!]x]x
899    using B D "rule=E" by fast
900  AOT_have G: x [E!]x]x  [E!]x
901    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
902  AOT_have H: x ¬[E!]x]x  ¬[E!]x
903    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
904  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
905qed
906
907AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
908proof -
909  AOT_have F = G  F & G & x(x[F]  x[G])
910    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
911  moreover AOT_have F and G
912    by (auto simp: "cqt:2[const_var]"[axiom_inst])
913  ultimately AOT_show F = G  x(x[F]  x[G])
914    using "≡S"(1) "&I" by blast
915qed
916
917AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
918proof -
919  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
920    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
921  moreover AOT_have F and G
922    by (auto simp: "cqt:2[const_var]"[axiom_inst])
923  ultimately show ?thesis
924    using "≡S"(1) "&I" by blast
925qed
926    
927AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
928proof -
929  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
930    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
931  moreover AOT_have F and G
932    by (auto simp: "cqt:2[const_var]"[axiom_inst])
933  ultimately show ?thesis
934    using "≡S"(1) "&I" by blast
935qed
936
937AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
938proof -
939  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
940    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
941  moreover AOT_have F and G
942    by (auto simp: "cqt:2[const_var]"[axiom_inst])
943  ultimately show ?thesis
944    using "≡S"(1) "&I" by blast
945qed
946
947AOT_theorem "p-identity-thm2:2":
948  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
949proof -
950  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
951    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
952  moreover AOT_have F and G
953    by (auto simp: "cqt:2[const_var]"[axiom_inst])
954  ultimately show ?thesis
955    using "≡S"(1) "&I" by blast
956qed
957
958AOT_theorem "p-identity-thm2:3":
959  p = q  x p] = x q]
960proof -
961  AOT_have p = q  p & q & x p] = x q]
962    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
963  moreover AOT_have p and q
964    by (auto simp: "cqt:2[const_var]"[axiom_inst])
965  ultimately show ?thesis
966    using "≡S"(1) "&I" by blast
967qed
968
969class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
970
971instance κ :: AOT_Term_id_2
972proof
973  AOT_modally_strict {
974    fix x
975    {
976      AOT_assume O!x
977      moreover AOT_have F([F]x  [F]x)
978        using RN GEN "oth-class-taut:3:a" by fast
979      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
980    }
981    moreover {
982      AOT_assume A!x
983      moreover AOT_have F(x[F]  x[F])
984        using RN GEN "oth-class-taut:3:a" by fast
985      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
986    }
987    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
988      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
989    AOT_thus x = x
990      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
991  }
992qed
993
994instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
995proof
996  AOT_modally_strict {
997    fix F :: "<'a> AOT_var"
998    AOT_have 0: x1...xn [F]x1...xn] = F
999      by (simp add: "lambda-predicates:3"[axiom_inst])
1000    AOT_have x1...xn [F]x1...xn]
1001      by "cqt:2[lambda]"
1002    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1003      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1004    AOT_show F = F using "rule=E" 0 by force 
1005  }
1006qed
1007
1008instance 𝗈 :: AOT_Term_id_2
1009proof
1010  AOT_modally_strict {
1011    fix p
1012    AOT_have 0:  p] = p
1013      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1014    AOT_have  p]
1015      by (rule "cqt:2[lambda0]"[axiom_inst])
1016    AOT_hence  p] =  p]
1017      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1018    AOT_show p = p using "rule=E" 0 by force
1019  }
1020qed
1021
1022instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1023proof
1024  AOT_modally_strict {
1025    fix α :: ('a×'b) AOT_var›
1026    AOT_show α = α
1027    proof (induct)
1028      AOT_show τ = τ if τ for τ :: 'a×'b
1029        using that
1030      proof (induct τ)
1031        fix τ1 :: 'a and τ2 :: 'b
1032        AOT_assume «(τ1,τ2)»
1033        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1034        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1035        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1036      qed
1037    qed
1038  }
1039qed
1040
1041AOT_register_type_constraints
1042  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1043AOT_register_type_constraints
1044  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1045AOT_register_type_constraints
1046  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1047
1048(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1049AOT_theorem "id-eq:2": α = β  β = α
1050(*
1051  TODO: look at this proof generated using:
1052        including AOT_no_atp sledgehammer[isar_proofs = true]
1053proof -
1054  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1055    by meson
1056  then show ?thesis
1057    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1058qed
1059*)
1060(*  by (meson "rule=E" "deduction-theorem") *)
1061proof (rule "→I")
1062  AOT_assume α = β
1063  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1064  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1065  ultimately AOT_show β = α
1066    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1067qed
1068
1069AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1070  using "rule=E" "→I" "&E" by blast
1071
1072AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1073proof (rule "≡I"; rule "→I")
1074  AOT_assume 0: α = β
1075  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1076  AOT_show γ (α = γ  β = γ)
1077    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1078next
1079  AOT_assume γ (α = γ  β = γ)
1080  AOT_hence α = α  β = α using "∀E"(2) by blast
1081  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1082  AOT_hence β = α using "id-eq:1" "→E" by blast
1083  AOT_thus α = β using "id-eq:2" "→E" by blast
1084qed
1085
1086AOT_theorem "rule=I:1": assumes τ shows τ = τ
1087proof -
1088  AOT_have α (α = α)
1089    by (rule GEN) (metis "id-eq:1")
1090  AOT_thus τ = τ using assms "∀E" by blast
1091qed
1092
1093AOT_theorem "rule=I:2[const_var]": "α = α"
1094  using "id-eq:1".
1095
1096AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1097proof -
1098  AOT_have α (α = α)
1099    by (rule GEN) (metis "id-eq:1")
1100  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1101  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1102qed
1103
1104lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1105
1106AOT_theorem "rule-id-def:1":
1107  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1108  shows τ{τ1...τn} = σ{τ1...τn}
1109proof -
1110  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1111    using "df-rules-terms[3]" assms(1) "&E" by blast
1112  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1113    using assms(2) "→E" by blast
1114qed
1115
1116AOT_theorem "rule-id-def:1[zero]":
1117  assumes τ =df σ and σ
1118  shows τ = σ
1119proof -
1120  AOT_have σ  τ = σ
1121    using "df-rules-terms[4]" assms(1) "&E" by blast
1122  AOT_thus τ = σ
1123    using assms(2) "→E" by blast
1124qed
1125
1126AOT_theorem "rule-id-def:2:a":
1127  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1128  shows φ{σ{τ1...τn}}
1129proof -
1130  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-def:1" assms(1,2) by blast
1131  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1132qed
1133
1134(* TODO: get rid of this, ideally *)
1135AOT_theorem "rule-id-def:2:a[2]":
1136  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1137  shows φ{σ{«(τ1,τ2)»}}
1138proof -
1139  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1140  proof -
1141    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1142      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1143    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1144      using assms(2) "→E" by blast
1145  qed
1146  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1147qed
1148
1149AOT_theorem "rule-id-def:2:a[zero]":
1150  assumes τ =df σ and σ and φ{τ}
1151  shows φ{σ}
1152proof -
1153  AOT_have τ = σ using "rule-id-def:1[zero]" assms(1,2) by blast
1154  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1155qed
1156
1157lemmas "=dfE" = "rule-id-def:2:a" "rule-id-def:2:a[zero]"
1158
1159AOT_theorem "rule-id-def:2:b":
1160  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1161  shows φ{τ{τ1...τn}}
1162proof -
1163  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-def:1" assms(1,2) by blast
1164  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1165    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1166  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1167qed
1168
1169(* TODO: get rid of this, ideally *)
1170AOT_theorem "rule-id-def:2:b[2]":
1171  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1172  shows φ{τ{«(τ1,τ2)»}}
1173proof -
1174  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1175  proof -
1176    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1177      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1178    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1179      using assms(2) "→E" by blast
1180  qed
1181  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1182    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1183  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1184qed
1185
1186AOT_theorem "rule-id-def:2:b[zero]":
1187  assumes τ =df σ and σ and φ{σ}
1188  shows φ{τ}
1189proof -
1190  AOT_have τ = σ using "rule-id-def:1[zero]" assms(1,2) by blast
1191  AOT_hence σ = τ
1192    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1193  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1194qed
1195
1196lemmas "=dfI" = "rule-id-def:2:b" "rule-id-def:2:b[zero]"
1197
1198AOT_theorem "free-thms:1": τ  β (β = τ)
1199  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1200
1201AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1202  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1203
1204AOT_theorem "free-thms:3[const_var]": β (β = α)
1205  by (meson "∃I"(2) "id-eq:1")
1206
1207AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1208  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1209
1210AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1211  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1212
1213(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1214         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1215AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1216  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1217
1218AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1219  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1220AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1221  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1222
1223AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1224  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1225AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1226  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1227AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1228  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1229AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1230  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1231AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1232  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1233AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1234  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1235AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1236  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1237AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1238  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1239AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1240  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1241AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1242  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1243AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1244  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1245AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1246  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1247
1248AOT_theorem "ex:1:a": α α
1249  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1250AOT_theorem "ex:1:b": αβ(β = α)
1251  by (rule GEN) (fact "free-thms:3[const_var]")
1252
1253AOT_theorem "ex:2:a": α
1254  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1255AOT_theorem "ex:2:b": β(β = α)
1256  by (rule RN) (fact "free-thms:3[const_var]")
1257
1258AOT_theorem "ex:3:a": α α
1259  by (rule RN) (fact "ex:1:a")
1260AOT_theorem "ex:3:b": αβ(β = α)
1261  by (rule RN) (fact "ex:1:b")
1262
1263AOT_theorem "ex:4:a": α α
1264  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1265AOT_theorem "ex:4:b": αβ(β = α)
1266  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1267
1268AOT_theorem "ex:5:a": α α
1269  by (rule RN) (simp add: "ex:4:a")
1270AOT_theorem "ex:5:b": αβ(β = α)
1271  by (rule RN) (simp add: "ex:4:b")
1272
1273AOT_theorem "all-self=:1": α(α = α)
1274  by (rule RN; rule GEN) (fact "id-eq:1")
1275AOT_theorem "all-self=:2": α(α = α)
1276  by (rule GEN; rule RN) (fact "id-eq:1")
1277
1278AOT_theorem "id-nec:1": α = β  (α = β)
1279proof(rule "→I")
1280  AOT_assume α = β
1281  moreover AOT_have (α = α)
1282    by (rule RN) (fact "id-eq:1")
1283  ultimately AOT_show (α = β) using "rule=E" by fast
1284qed
1285
1286AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1287proof(rule "→I")
1288  AOT_assume asm: τ = σ
1289  moreover AOT_have τ
1290    using calculation "t=t-proper:1" "→E" by blast
1291  moreover AOT_have (τ = τ)
1292    using calculation "all-self=:2" "∀E"(1) by blast
1293  ultimately AOT_show (τ = σ) using "rule=E" by fast
1294qed
1295
1296AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1297proof (rule "≡I"; rule "→I")
1298  AOT_assume asm: φ{α}
1299  AOT_show β (β = α & φ{β})
1300    by (rule "∃I"(2)[where β=α]; rule "&I")
1301       (auto simp: "id-eq:1" asm)
1302next
1303  AOT_assume 0: β (β = α & φ{β})
1304  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1305           statement as proof obligation *)
1306  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1307  AOT_thus φ{α} using "&E" "rule=E" by blast
1308qed
1309
1310AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1311proof(rule "→I")
1312  AOT_assume τ
1313  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1314    by (rule GEN) (fact "term-out:1")
1315  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1316    using "∀E" by blast
1317qed
1318
1319(* TODO: example of an apply-style proof. Keep or reformulate? *)
1320AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1321  apply (rule "≡I"; rule "→I")
1322   apply (frule "&E"(1)) apply (drule "&E"(2))
1323   apply (rule GEN; rule "≡I"; rule "→I")
1324  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1325  apply (meson "rule=E" "id-eq:1")
1326  apply (rule "&I")
1327  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1328  apply (rule GEN; rule "→I")
1329  using "≡E"(1) "rule-ui:2[const_var]" by blast
1330
1331AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1332  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1333
1334(* TODO: would of course be nice to define it without the syntax magic *)
1335AOT_define AOT_exists_unique :: ‹α  φ  φ›
1336  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1337syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1338AOT_syntax_print_translations
1339  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1340syntax
1341   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1342parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1343  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1344(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1345print_translationAOT_syntax_print_translations
1346  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1347  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1348
1349
1350
1351context AOT_meta_syntax
1352begin
1353notation AOT_exists_unique (binder "!" 20)
1354end
1355context AOT_no_meta_syntax
1356begin
1357no_notation AOT_exists_unique (binder "!" 20)
1358end
1359
1360AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1361proof(rule "≡I"; rule "→I")
1362    AOT_assume ∃!α φ{α}
1363    AOT_hence α (φ{α} & β (φ{β}  β = α))
1364      using "uniqueness:1" "≡dfE" by blast
1365    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1366    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1367    AOT_thus αβ(φ{β}  β = α)
1368      using "∃I" by fast
1369next
1370    AOT_assume αβ(φ{β}  β = α)
1371    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1372    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1373    AOT_hence α (φ{α} & β (φ{β}  β = α))
1374      using "∃I" by fast
1375    AOT_thus ∃!α φ{α}
1376      using "uniqueness:1" "≡dfI" by blast
1377qed
1378
1379AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1380proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1381  fix β γ
1382  AOT_assume ∃!α φ{α}
1383  AOT_hence αβ(φ{β}  β = α)
1384    using "uniqueness:2" "≡E" by blast
1385  then AOT_obtain α where β(φ{β}  β = α)
1386    using "instantiation"[rotated] by blast
1387  moreover AOT_assume φ{β} & φ{γ}
1388  ultimately AOT_have β = α and γ = α
1389    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1390  AOT_thus β = γ
1391    by (metis "rule=E" "id-eq:2" "→E")
1392qed
1393
1394AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1395proof (rule "→I"; rule "→I")
1396  AOT_assume a: α(φ{α}  φ{α})
1397  AOT_assume ∃!α φ{α}
1398  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1399  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1400  AOT_have φ{α}
1401    using ξ a "&E" "∀E" "→E" by fast
1402  moreover AOT_have β (φ{β}  β = α)
1403    apply (rule GEN; rule "→I")
1404    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1405  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1406    using "&I" by blast
1407  AOT_thus ∃!α φ{α}
1408    using "uniqueness:1" "≡dfI" "∃I" by fast
1409qed
1410
1411AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1412  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1413
1414AOT_theorem "nec-imp-act": φ  𝒜φ
1415  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1416
1417AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1418  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1419
1420AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1421  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1422
1423AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1424proof -
1425  AOT_have (φ  (ψ  (φ & ψ)))
1426    by (rule RN) (fact Adjunction)
1427  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1428    using "nec-imp-act" "→E" by blast
1429  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1430    using "act-cond" "→E" by blast
1431  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1432    by (fact "act-cond")
1433  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1434    using "→I" "→E" by metis
1435  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1436    by (metis Importation "→E")
1437qed
1438
1439AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1440proof -
1441  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1442    by (fact "act-conj-act:3")
1443  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1444    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1445  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1446    using "→E" by blast
1447  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1448    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1449  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1450    using "act-cond" "→E" by blast
1451  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1452qed
1453
1454(* TODO: consider introducing AOT_inductive *)
1455inductive arbitrary_actualization for φ where
1456  arbitrary_actualization φ «𝒜φ»
1457| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1458declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1459        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1460syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1461
1462notepad
1463begin
1464  AOT_modally_strict {
1465    fix φ
1466    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1467      using AOT_PLM.arbitrary_actualization.intros by metis
1468    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1469      using AOT_PLM.arbitrary_actualization.intros by metis
1470    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1471      using AOT_PLM.arbitrary_actualization.intros by metis
1472  }
1473end
1474
1475
1476AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1477using assms proof(induct)
1478  case 1
1479  AOT_show 𝒜(𝒜φ  φ)
1480    by (simp add: "act-conj-act:4")
1481next
1482  case (2 ψ)
1483  AOT_thus 𝒜ψ
1484    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1485qed
1486
1487AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1488  by (simp add: "act-conj-act:4" "∀I")
1489
1490AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1491  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1492
1493AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1494  using "closure-act:3" .
1495
1496(* TODO: examine these proofs *)
1497AOT_theorem "RA[1]": assumes  φ shows  𝒜φ
1498  (* This proof is the one rejected in remark (136) (meta-rule) *)
1499  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1500AOT_theorem "RA[2]": assumes  φ shows 𝒜φ
1501  (* This is actually Γ ⊢ φ ⟹ □Γ ⊢ 𝒜φ*)
1502  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1503AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1504  using assms by (meson AOT_sem_act imageI)
1505  (* This is not exactly right either. *)
1506
1507AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1508  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1509
1510AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1511  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1512
1513AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1514  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1515
1516AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1517proof (rule "≡I"; rule "→I")
1518  AOT_assume 𝒜(φ & ψ)
1519  moreover AOT_have 𝒜((φ & ψ)  φ)
1520    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1521  moreover AOT_have 𝒜((φ & ψ)  ψ)
1522    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1523  ultimately AOT_show 𝒜φ & 𝒜ψ
1524    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1525next
1526  AOT_assume 𝒜φ & 𝒜ψ
1527  AOT_thus 𝒜(φ & ψ)
1528    using "act-conj-act:3" "vdash-properties:6" by blast
1529qed
1530
1531AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1532proof (rule "≡I"; rule "→I")
1533  AOT_assume 𝒜(φ  ψ)
1534  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1535    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1536  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1537    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1538  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1539    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1540next
1541  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1542  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1543    by (metis "act-conj-act:3" "vdash-properties:10")
1544  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1545    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1546  ultimately AOT_show 𝒜(φ  ψ)
1547    using "act-cond"[THEN "→E", THEN "→E"] by metis
1548qed
1549
1550AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1551proof (rule "≡I"; rule "→I")
1552  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1553  AOT_show 𝒜φ  𝒜ψ
1554    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1555next
1556  AOT_assume 𝒜φ  𝒜ψ
1557  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1558    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1559qed
1560
1561AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1562  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1563
1564AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1565  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1566
1567AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1568  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1569
1570AOT_theorem "Act-Basic:8": φ  𝒜φ
1571  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1572
1573AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1574proof (rule "≡I"; rule "→I")
1575  AOT_assume 𝒜(φ  ψ)
1576  AOT_thus 𝒜φ  𝒜ψ
1577  proof (rule "raa-cor:3")
1578    AOT_assume ¬(𝒜φ  𝒜ψ)
1579    AOT_hence ¬𝒜φ & ¬𝒜ψ
1580      by (metis "≡E"(1) "oth-class-taut:5:d")
1581    AOT_hence 𝒜¬φ & 𝒜¬ψ
1582      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1583    AOT_hence 𝒜(¬φ & ¬ψ)
1584      using "≡E" "Act-Basic:2" by metis
1585    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1586      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1587    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1588      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1589    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1590    AOT_thus ¬𝒜(φ  ψ)
1591      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1592  qed
1593next
1594  AOT_assume 𝒜φ  𝒜ψ
1595  AOT_thus 𝒜(φ  ψ)
1596    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1597qed
1598
1599AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1600proof -
1601  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1602    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1603       (metis "logic-actual-nec:3"[axiom_inst])
1604  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1605    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1606       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1607  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1608    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1609          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1610    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1611  also AOT_have   ¬𝒜α ¬φ{α}
1612    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1613  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1614  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1615  also AOT_have   α 𝒜 φ{α}
1616    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1617  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1618qed
1619
1620
1621AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1622proof(rule "≡I"; rule "→I")
1623  AOT_assume 𝒜α(φ{α}  ψ{α})
1624  AOT_hence α𝒜(φ{α}  ψ{α})
1625    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1626  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1627  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1628  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1629next
1630  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1631  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1632  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1633  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1634  AOT_thus 𝒜α(φ{α}  ψ{α})
1635    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1636qed
1637
1638AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1639proof(rule "≡I"; rule "→I")
1640  AOT_assume β(𝒜φ{β}  β = α)
1641  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1642  AOT_hence φ{β}  β = α for β
1643    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1644    by metis
1645  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1646next
1647  AOT_assume β(φ{β}  β = α)
1648  AOT_hence φ{β}  β = α for β using "∀E" by blast
1649  AOT_hence 𝒜φ{β}  β = α for β
1650    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1651    by metis
1652  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1653qed
1654
1655AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1656  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1657
1658AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1659  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1660
1661
1662locale russel_axiom =
1663  fixes ψ
1664  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1665begin
1666AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1667proof -
1668  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1669    using hintikka "∀I" by fast
1670  show ?thesis
1671  proof(rule "≡I"; rule "→I")
1672    AOT_assume c: ψ{ιx φ{x}}
1673    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1674    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1675    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1676    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1677    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1678    moreover AOT_have ψ{a}
1679    proof - 
1680      AOT_have 1: xy(x = y  y = x)
1681        by (simp add: "id-eq:2" "universal-cor")
1682      AOT_have a = ιx φ{x}   ιx φ{x} = a
1683        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1684           (auto simp: 1 d "universal-cor")
1685      AOT_thus ψ{a}
1686        using a_def c "rule=E" "→E" by blast
1687    qed
1688    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1689    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1690  next
1691    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1692    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1693    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1694    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1695    AOT_hence b = ιx φ{x} using h "≡E" by blast
1696    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1697  qed
1698qed
1699end
1700
1701(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1702(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1703         to cqt:5:a - should be fixed *)
1704interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1705  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1706interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1707  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1708interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1709  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1710interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1711  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1712interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1713  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1714interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1715  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1716interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1717  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1718interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1719  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1720interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1721  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1722interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1723  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1724interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1725  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1726
1727interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1728  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1729interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1730  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1731interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1732  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1733interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1734  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1735interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1736  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1737interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1738  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1739interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1740  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1741interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1742  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1743interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1744  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1745interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1746  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1747interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1748  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1749
1750AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1751proof(rule "≡I"; rule "→I")
1752  AOT_assume ιx φ{x}
1753  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1754  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1755  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1756  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1757  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1758next
1759  AOT_assume ∃!x φ{x}
1760  AOT_hence x (φ{x} & z (φ{z}  z = x))
1761    using "uniqueness:1"[THEN "≡dfE"] by blast
1762  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1763  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1764  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1765qed
1766
1767AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1768  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1769
1770AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1771  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1772
1773AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1774
1775AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1776proof(rule "→I")
1777  AOT_assume ιx φ{x}
1778  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1779  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1780  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1781  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1782qed
1783
1784AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1785  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1786
1787
1788AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1789proof(rule "≡I"; rule "→I")
1790  AOT_assume β (𝒜φ{β}  β = α)
1791  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1792  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1793    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1794  AOT_thus β(𝒜𝒜φ{β}  β = α)
1795    by (rule "∀I")
1796next
1797  AOT_assume β(𝒜𝒜φ{β}  β = α)
1798  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1799  AOT_hence 𝒜φ{β}  β = α for β
1800    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1801  AOT_thus β (𝒜φ{β}  β = α)
1802    by (rule "∀I")
1803qed
1804
1805AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1806proof -
1807  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1808  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1809  proof(rule "≡I"; rule "→I"; rule "∀I")
1810    AOT_assume z (𝒜φ{z}  z = x)
1811    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1812    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1813  next
1814    AOT_assume z (𝒜𝒜φ{z}  z = x)
1815    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1816    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1817  qed
1818  also AOT_have ...  x = ιx(𝒜φ{x})
1819    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1820  finally show ?thesis .
1821qed
1822
1823AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1824proof(rule "→I")
1825  AOT_assume ιx φ{x}
1826  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1827  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1828  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1829  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1830qed
1831
1832AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1833proof -
1834  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1835  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1836    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1837  finally show ?thesis.
1838qed
1839
1840AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1841proof(rule "→I"; rule "∀I")
1842  fix β
1843  AOT_assume 𝒜x(φ{x}  ψ{x})
1844  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1845  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1846  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1847  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1848  proof (rule "≡I"; rule "→I")
1849    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1850    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1851    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1852    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1853    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1854    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1855  next
1856    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1857    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1858    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1859    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1860    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1861    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1862  qed
1863  also AOT_have ...  β = ιx ψ{x}
1864    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1865  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1866qed
1867
1868AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1869proof(rule "→I")
1870  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1871  AOT_hence 0: y (y = ιx φ{x}) and
1872            1: x (x = ιx φ{x}  x = ιx ψ{x})
1873    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1874  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1875  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1876  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1877    using "rule=E" by fast
1878qed
1879
1880AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1881  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1882
1883(* Note: this is a special case of "exist-nec" *)
1884AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1885proof(rule "→I")
1886  AOT_assume ιx φ{x}
1887  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1888  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1889  AOT_thus ιx φ{x}
1890    using "ex:2:a" "rule=E" by fast
1891qed
1892
1893AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1894proof(rule "→I")
1895  AOT_assume ιx φ{x}
1896  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1897  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1898  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1899  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1900qed
1901
1902AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1903  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1904        "RA[1]" "deduction-theorem" by blast
1905
1906AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1907  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1908        "RA[1]" "deduction-theorem" "&E" by metis
1909
1910context russel_axiom
1911begin
1912AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1913proof -
1914  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1915    using "nec-hintikka-scheme" "∀I" by fast
1916  show ?thesis
1917  proof(rule "≡I"; rule "→I")
1918    AOT_assume c: ψ{ιx φ{x}}
1919    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1920    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1921    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1922    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1923    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1924    moreover AOT_have ψ{a}
1925    proof - 
1926      AOT_have 1: xy(x = y  y = x)
1927        by (simp add: "id-eq:2" "universal-cor")
1928      AOT_have a = ιx φ{x}   ιx φ{x} = a
1929        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1930           (auto simp: d "universal-cor" 1)
1931      AOT_thus ψ{a}
1932        using a_def c "rule=E" "→E" by metis
1933    qed
1934    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1935    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1936  next
1937    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1938    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1939    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1940    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1941    AOT_hence b = ιx φ{x} using h "≡E" by blast
1942    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1943  qed
1944qed
1945end
1946
1947AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1948proof (rule "≡I"; rule "→I")
1949  AOT_assume ιx φ{x}
1950  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1951  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1952  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1953    using descriptions[axiom_inst] by blast
1954  ultimately AOT_have z(𝒜φ{z}  z = a)
1955    using "≡E" by blast
1956  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1957  AOT_thus ∃!x 𝒜φ{x}
1958    using "uniqueness:2"[THEN "≡E"(2)] by fast
1959next
1960  AOT_assume ∃!x 𝒜φ{x}
1961  AOT_hence xz(𝒜φ{z}  z = x)
1962    using "uniqueness:2"[THEN "≡E"(1)] by fast
1963  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1964  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1965    using descriptions[axiom_inst] by blast
1966  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1967  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1968qed
1969
1970AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
1971  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
1972
1973AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
1974  using "actual-desc:2". (* TODO: same as above *)
1975
1976AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
1977proof(rule "→I")
1978  AOT_assume ιx φ{x}
1979  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1980  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1981  AOT_thus 𝒜φ{ιx φ{x}}
1982    using "actual-desc:2" "rule=E" "→E" by fast
1983qed
1984
1985(* TODO: take another look at proof in PLM *)
1986AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
1987proof(rule "→I")
1988  AOT_assume 0: ιx φ{x} = ιx ψ{x}
1989  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
1990    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
1991  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
1992  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
1993    using "instantiation"[rotated] by metis
1994
1995  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
1996  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
1997    using "∀E" φ_down by blast
1998  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
1999    using "∀E" ψ_down by blast
2000  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2001    "→E" by blast
2002
2003  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2004  proof(rule "≡I"; rule "→I")
2005    AOT_assume 𝒜φ{x}
2006    moreover AOT_have 𝒜φ{x}  x = a for x
2007      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2008    ultimately AOT_have x = a using "→E" by blast
2009    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2010    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2011    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2012  next
2013    AOT_assume 𝒜ψ{x}
2014    moreover AOT_have 𝒜ψ{x}  x = b for x
2015      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2016    ultimately AOT_have x = b using "→E" by blast
2017    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2018    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2019    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2020  qed
2021  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2022  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2023  AOT_thus 𝒜x (φ{x}  ψ{x})
2024    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2025qed    
2026
2027AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2028proof(rule "→I")
2029  AOT_assume ∃!x φ{x}
2030  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2031    using "uniqueness:1"[THEN "≡dfE"] by blast
2032  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2033  AOT_show y (y = ιx φ{x}  φ{y})
2034  proof(rule GEN; rule "→I")
2035    fix y
2036    AOT_assume y = ιx φ{x}
2037    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2038    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2039    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2040    ultimately AOT_have b = y using "→E" by blast
2041    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2042    ultimately AOT_show φ{y} using "rule=E" by blast
2043  qed
2044qed
2045
2046AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2047proof(rule "→I"; rule "→I")
2048  AOT_assume x (φ{x}  φ{x})
2049  moreover AOT_assume ∃!x φ{x}
2050  ultimately AOT_have ∃!x φ{x}
2051    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2052  AOT_thus y (y = ιx φ{x}  φ{y})
2053    using "!box-desc:1" "→E" by blast
2054qed
2055
2056AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2057  by (simp add: "rule=I:1" "→I")
2058
2059AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2060proof -
2061  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2062  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2063qed
2064
2065AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2066  using "RM:1[prem]" assms by blast
2067
2068lemmas RM = "RM:1"
2069
2070AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2071proof -
2072  AOT_have Γ  ¬ψ  ¬φ using assms 
2073    by (simp add: "contraposition:1[1]")
2074  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2075  AOT_thus Γ  φ  ψ
2076    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2077qed
2078
2079AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2080  using "RM:2[prem]" assms by blast
2081
2082lemmas "RM◇" = "RM:2"
2083
2084AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2085proof -
2086  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2087  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2088  AOT_thus Γ  φ  ψ
2089    by (simp add: "≡I")
2090qed
2091
2092AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2093  using "RM:3[prem]" assms by blast
2094
2095lemmas RE = "RM:3"
2096
2097AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2098proof -
2099  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2100  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2101  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2102qed
2103
2104AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2105  using "RM:4[prem]" assms by blast
2106
2107lemmas "RE◇" = "RM:4"
2108
2109AOT_theorem "KBasic:1": φ  (ψ  φ)
2110  by (simp add: RM "pl:1"[axiom_inst])
2111
2112AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2113  by (simp add: RM "useful-tautologies:3")
2114
2115AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2116proof (rule "≡I"; rule "→I")
2117  AOT_assume (φ & ψ)
2118  AOT_thus φ & ψ
2119    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2120next
2121  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2122  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2123  moreover AOT_assume φ & ψ
2124  ultimately AOT_show (φ & ψ)
2125    using "→E" "&E" by blast
2126qed
2127
2128AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2129proof -
2130  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2131    by (fact "KBasic:3")
2132  AOT_modally_strict {
2133    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2134      by (fact "conventions:3"[THEN "≡Df"])
2135  }
2136  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2137    by (rule RE)
2138  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2139    using "≡E"(5) by blast
2140qed
2141
2142AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2143proof -
2144  AOT_have (φ  ψ)  (φ  ψ)
2145    by (fact "qml:1"[axiom_inst])
2146  moreover AOT_have (ψ  φ)  (ψ  φ)
2147    by (fact "qml:1"[axiom_inst])
2148  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2149    by (metis "&I" MP "Double Composition")
2150  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2151    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2152  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2153    by (metis "Hypothetical Syllogism")
2154qed
2155
2156AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2157  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2158AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2159proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2160  AOT_assume φ & ψ
2161  AOT_hence φ and ψ using "&E" by blast+
2162  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2163  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2164  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2165next
2166  AOT_assume ¬φ & ¬ψ
2167  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2168  AOT_modally_strict {
2169    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2170      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2171  }
2172  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2173    by (rule RM)
2174  AOT_thus (φ  ψ) using 0 "→E" by blast
2175qed(auto)
2176
2177AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2178  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2179AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2180  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2181AOT_theorem "KBasic:10": φ  ¬¬φ
2182  by (simp add: "RM:3" "oth-class-taut:3:b")
2183AOT_theorem "KBasic:11": ¬φ  ¬φ
2184proof (rule "≡I"; rule "→I")
2185  AOT_show ¬φ if ¬φ
2186    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2187next
2188  AOT_show ¬φ if ¬φ
2189    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2190qed
2191AOT_theorem "KBasic:12": φ  ¬¬φ
2192proof (rule "≡I"; rule "→I")
2193  AOT_show ¬¬φ if φ
2194    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2195next
2196  AOT_show φ if ¬¬φ
2197  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2198qed
2199AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2200proof -
2201  AOT_have φ  ψ  φ  ψ by blast
2202  AOT_hence (φ  ψ)  φ  ψ
2203    using "RM:2[prem]" by blast
2204  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2205qed
2206lemmas "K◇" = "KBasic:13"
2207AOT_theorem "KBasic:14": φ  ¬¬φ
2208  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2209AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2210proof -
2211  AOT_modally_strict {
2212    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2213      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2214  }
2215  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2216    using RM by blast+
2217  AOT_thus (φ  ψ)  (φ  ψ)
2218    by (metis "∨E"(1) "deduction-theorem")
2219qed
2220
2221AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2222  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2223
2224AOT_theorem "rule-sub-lem:1:a":
2225  assumes  (ψ  χ)
2226  shows  ¬ψ  ¬χ
2227  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2228        "≡E"(1) "oth-class-taut:4:b" by blast
2229
2230AOT_theorem "rule-sub-lem:1:b":
2231  assumes  (ψ  χ)
2232  shows  (ψ  Θ)  (χ  Θ)
2233  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2234  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2235
2236AOT_theorem "rule-sub-lem:1:c":
2237  assumes  (ψ  χ)
2238  shows  (Θ  ψ)  (Θ  χ)
2239  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2240  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2241
2242AOT_theorem "rule-sub-lem:1:d":
2243  assumes for arbitrary α:  (ψ{α}  χ{α})
2244  shows  α ψ{α}  α χ{α}
2245proof -
2246  AOT_modally_strict {
2247    AOT_have α (ψ{α}  χ{α})
2248      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2249    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2250    AOT_show α ψ{α}  α χ{α}
2251    proof (rule "≡I"; rule "→I")
2252      AOT_assume α ψ{α}
2253      AOT_hence ψ{α} for α using "∀E" by blast
2254      AOT_hence χ{α} for α using 0 "≡E" by blast
2255      AOT_thus α χ{α} by (rule "∀I")
2256    next
2257      AOT_assume α χ{α}
2258      AOT_hence χ{α} for α using "∀E" by blast
2259      AOT_hence ψ{α} for α using 0 "≡E" by blast
2260      AOT_thus α ψ{α} by (rule "∀I")
2261    qed
2262  }
2263qed
2264
2265AOT_theorem "rule-sub-lem:1:e":
2266  assumes  (ψ  χ)
2267  shows   ψ]   χ]
2268  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2269  using "≡E"(1) "propositions-lemma:6" by blast
2270
2271AOT_theorem "rule-sub-lem:1:f":
2272  assumes  (ψ  χ)
2273  shows  𝒜ψ  𝒜χ
2274  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2275  by (metis "Act-Basic:5" "≡E"(1))
2276
2277AOT_theorem "rule-sub-lem:1:g":
2278  assumes  (ψ  χ)
2279  shows  ψ  χ
2280  using "KBasic:6" assms "vdash-properties:6" by blast
2281
2282text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2283     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2284
2285class AOT_subst =
2286  fixes AOT_subst :: "('a  𝗈)  bool"
2287    and AOT_subst_cond :: "'a  'a  bool"
2288  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2289
2290named_theorems AOT_substI
2291
2292instantiation 𝗈 :: AOT_subst
2293begin
2294
2295inductive AOT_subst_𝗈 where
2296  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2297| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2298| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2299| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2300| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2301| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2302| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2303| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2304
2305definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2306
2307instance
2308proof
2309  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2310  assume cond: ‹AOT_subst_cond ψ χ
2311  assume ‹AOT_subst φ
2312  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2313  ultimately AOT_show  φ{ψ}  φ{χ}
2314  proof (induct arbitrary: ψ χ)
2315    case AOT_subst_𝗈_id
2316    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2317  next
2318    case (AOT_subst_𝗈_const ψ)
2319    thus ?case by (simp add: "oth-class-taut:3:a")
2320  next
2321    case (AOT_subst_𝗈_not Θ)
2322    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2323  next
2324    case (AOT_subst_𝗈_imp Θ Ξ)
2325    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2326  next
2327    case (AOT_subst_𝗈_lambda0 Θ)
2328    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2329  next
2330    case (AOT_subst_𝗈_act Θ)
2331    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2332  next
2333    case (AOT_subst_𝗈_box Θ)
2334    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2335  next
2336    case (AOT_subst_𝗈_by_def Θ Ξ)
2337    AOT_modally_strict {
2338      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2339      AOT_thus Θ{ψ}  Θ{χ}
2340        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2341        by (metis "≡E"(6) "oth-class-taut:3:a")
2342    }
2343  qed
2344qed
2345end
2346
2347instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2348begin
2349
2350definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2351  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2352
2353inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2354  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2355| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var x)))"
2356| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2357| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2358| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2359| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2360| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2361| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2362| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2363
2364instance proof
2365  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2366  assume ‹AOT_subst φ
2367  moreover assume cond: ‹AOT_subst_cond ψ χ
2368  ultimately AOT_show  «φ ψ»  «φ χ»
2369  proof(induct)
2370    case (AOT_subst_fun_const ψ)
2371    then show ?case by (simp add: "oth-class-taut:3:a")
2372  next
2373  case (AOT_subst_fun_id Ψ x)
2374  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2375  next
2376  case (AOT_subst_fun_all Ψ Θ)
2377  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2378    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2379  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2380    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2381  next
2382  case (AOT_subst_fun_not Ψ)
2383  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2384  next
2385  case (AOT_subst_fun_imp Ψ Θ)
2386  then show ?case 
2387    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2388    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2389  next
2390  case (AOT_subst_fun_lambda0 Θ)
2391  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2392  next
2393  case (AOT_subst_fun_act Θ)
2394  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2395  next
2396  case (AOT_subst_fun_box Θ)
2397  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2398  next
2399  case (AOT_subst_fun_def Θ Ψ)
2400  then show ?case
2401    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2402  qed
2403qed
2404end
2405
2406method_setup AOT_defI =
2407‹Scan.lift (Scan.succeed (fn ctxt => (Method.CONTEXT_METHOD (fn thms => (Context_Tactic.CONTEXT_SUBGOAL (fn (trm,int) => 
2408Context_Tactic.CONTEXT_TACTIC (
2409let
2410fun findHeadConst (Const x) = SOME x
2411  | findHeadConst (A $ B) = findHeadConst A
2412  | findHeadConst _ = NONE
2413fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ rhs) = findHeadConst lhs
2414  | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2415  | findDef (Abs (a,b,c)) = findDef c
2416  | findDef _ = NONE
2417val const_opt = (findDef trm)
2418val defs = case const_opt of SOME const => List.filter (fn thm => let
2419    val concl = Thm.concl_of thm
2420    val thmconst = (findDef concl)
2421    in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2422    | _ => []
2423in
2424resolve_tac ctxt defs 1
2425end
2426)) 1)))))
2427‹Resolve AOT definitions›
2428
2429method AOT_subst_intro_helper = ((rule AOT_substI
2430      | AOT_defI
2431      | (simp only: AOT_subst_cond_𝗈_def AOT_subst_cond_fun_def; ((rule allI)+)?)))
2432
2433method AOT_subst for ψ::"'a::AOT_subst" and χ::"'a::AOT_subst" =
2434    (match conclusion in "[v  «φ ψ»]" for φ and v 
2435      match (φ) in "λa . ?p" fail¦ "λa . a" fail2436       ¦ _ rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2437       ; (AOT_subst_intro_helper+)?››)
2438
2439method AOT_subst_rev for χ::"'a::AOT_subst" and ψ::"'a::AOT_subst" =
2440    (match conclusion in "[v  «φ ψ»]" for φ and v 
2441      match (φ) in "λa . ?p" fail¦ "λa . a" fail2442       ¦ _ rule AOT_subst[where φ=φ and ψ=χ and χ=ψ, THEN "≡E"(1)]
2443       ; (AOT_subst_intro_helper+)?››)
2444
2445method AOT_subst_manual for φ::"'a::AOT_subst  𝗈" =
2446    (rule AOT_subst[where φ=φ, THEN "≡E"(2)]; (AOT_subst_intro_helper+)?)
2447
2448method AOT_subst_manual_rev for φ::"'a::AOT_subst  𝗈" =
2449    (rule AOT_subst[where φ=φ, THEN "≡E"(1)]; (AOT_subst_intro_helper+)?)
2450
2451method AOT_subst_using uses subst =
2452    (match subst in "[?w  ψ  χ]" for ψ χ  2453       match conclusion in "[v  «φ ψ»]" for φ v 2454         rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2455         ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2456
2457method AOT_subst_using_rev uses subst =
2458    (match subst in "[?w  ψ  χ]" for ψ χ  2459      match conclusion in "[v  «φ χ»]" for φ v 2460        rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(1)]
2461        ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2462
2463AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2464  by (AOT_subst_rev "«A!x»" "«¬E!x»") (auto simp: assms)
2465
2466AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2467  by (AOT_subst "«A!x»" "«¬E!x»") (auto simp: assms)
2468
2469AOT_theorem "rule-sub-remark:2[1]":
2470  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2471  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2472
2473AOT_theorem "rule-sub-remark:2[2]":
2474  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2475  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2476
2477AOT_theorem "rule-sub-remark:3[1]":
2478  assumes for arbitrary x:  A!x  ¬E!x
2479      and x A!x
2480    shows x ¬E!x
2481  by (AOT_subst_rev "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2482
2483AOT_theorem "rule-sub-remark:3[2]":
2484  assumes for arbitrary x:  A!x  ¬E!x
2485      and x ¬E!x
2486    shows x A!x
2487  by (AOT_subst "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2488
2489AOT_theorem "rule-sub-remark:4[1]":
2490  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2491  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2492
2493AOT_theorem "rule-sub-remark:4[2]":
2494  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2495  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2496
2497AOT_theorem "rule-sub-remark:5[1]":
2498  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2499  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2500
2501AOT_theorem "rule-sub-remark:5[2]":
2502  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2503  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2504
2505AOT_theorem "rule-sub-remark:6[1]":
2506  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2507  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2508
2509AOT_theorem "rule-sub-remark:6[2]":
2510  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2511  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2512
2513AOT_theorem "rule-sub-remark:7[1]":
2514  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2515  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2516
2517AOT_theorem "rule-sub-remark:7[2]":
2518  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2519  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2520
2521AOT_theorem "KBasic2:1": ¬φ  ¬φ
2522  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2523            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2524
2525AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2526proof -
2527  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2528    by (simp add: "RE◇" "oth-class-taut:5:b")
2529  also AOT_have   ¬(¬φ & ¬ψ)
2530    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2531  also AOT_have   ¬(¬φ & ¬ψ)
2532    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2533  also AOT_have   ¬(¬φ & ¬ψ)
2534    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2535    apply (simp add: "KBasic2:1")
2536    apply (AOT_subst_rev "«¬ψ»" "«¬ψ»")
2537    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2538  also AOT_have   ¬¬(φ  ψ)
2539    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2540  also AOT_have   φ  ψ
2541    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2542  finally show ?thesis .
2543qed
2544
2545AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2546  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2547
2548AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2549proof -
2550  AOT_have (φ  ψ)  (¬φ  ψ)
2551    by (AOT_subst "«φ  ψ»" "«¬φ  ψ»")
2552       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2553  also AOT_have ...  ¬φ  ψ
2554    by (simp add: "KBasic2:2")
2555  also AOT_have ...  ¬φ  ψ
2556    by (AOT_subst "«¬φ»" "«¬φ»")
2557       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2558  also AOT_have ...  φ  ψ
2559    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2560  finally show ?thesis .
2561qed
2562
2563AOT_theorem "KBasic2:5": φ  ¬¬φ
2564  apply (AOT_subst "«φ»" "«¬¬φ»")
2565   apply (simp add: "conventions:5" "≡Df")
2566  apply (AOT_subst "«¬¬φ»" "«¬¬¬¬φ»")
2567   apply (simp add: "conventions:5" "≡Df")
2568  apply (AOT_subst_rev "«¬φ»"  "«¬¬¬φ»")
2569   apply (simp add: "oth-class-taut:3:b")
2570  by (simp add: "oth-class-taut:3:a")
2571
2572
2573AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2574proof(rule "→I"; rule "raa-cor:1")
2575  AOT_assume (φ  ψ)
2576  AOT_hence (¬φ  ψ)
2577    apply - apply (AOT_subst_rev "«φ  ψ»" "«¬φ  ψ»")
2578    by (simp add: "conventions:2" "≡Df")
2579  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2580  AOT_assume ¬(φ  ψ)
2581  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2582  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2583qed
2584
2585AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2586proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2587  AOT_assume (φ  ψ)
2588  AOT_hence 1: φ  ψ
2589    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2590  AOT_assume ¬φ
2591  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2592  AOT_thus ψ using 1 "∨E"(2) by blast
2593qed
2594
2595AOT_theorem "T-S5-fund:1": φ  φ
2596  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2597lemmas "T◇" = "T-S5-fund:1"
2598
2599AOT_theorem "T-S5-fund:2": φ  φ
2600proof(rule "→I")
2601  AOT_assume φ
2602  AOT_hence ¬¬φ
2603    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2604  moreover AOT_have ¬φ  ¬φ
2605    by (fact "qml:3"[axiom_inst])
2606  ultimately AOT_have ¬¬φ
2607    using "modus-tollens:1" by blast
2608  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2609qed
2610lemmas "5◇" = "T-S5-fund:2"
2611
2612(* Also interestingly none of these have proofs in PLM. *)
2613AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2614  by (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2615     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2616
2617AOT_theorem "Act-Sub:2": φ  𝒜φ
2618  apply (AOT_subst "«φ»" "«¬¬φ»")
2619   apply (simp add: "conventions:5" "≡Df")
2620  by (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2621            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2622
2623AOT_theorem "Act-Sub:3": 𝒜φ  φ
2624  apply (AOT_subst "«φ»" "«¬¬φ»")
2625   apply (simp add: "conventions:5" "≡Df")
2626  by (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "vdash-properties:6")
2627
2628
2629AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2630proof (rule "≡I"; rule "→I")
2631  AOT_assume 𝒜φ
2632  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2633next
2634  AOT_assume 𝒜φ
2635  AOT_hence ¬¬𝒜φ
2636    using "≡dfE" "conventions:5" by blast
2637  AOT_hence ¬𝒜¬φ
2638    apply - apply (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2639    by (simp add: "logic-actual-nec:1"[axiom_inst])
2640  AOT_thus 𝒜φ
2641      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2642qed
2643
2644AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2645  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2646
2647AOT_theorem "S5Basic:1": φ  φ
2648  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2649
2650AOT_theorem "S5Basic:2": φ  φ
2651  by (simp add: "T◇" "5◇" "≡I")
2652
2653AOT_theorem "S5Basic:3": φ  φ
2654  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2655lemmas "B" = "S5Basic:3"
2656
2657AOT_theorem "S5Basic:4": φ  φ
2658  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2659lemmas "B◇" = "S5Basic:4"
2660
2661AOT_theorem "S5Basic:5": φ  φ
2662  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2663lemmas "4" = "S5Basic:5"
2664
2665AOT_theorem "S5Basic:6": φ  φ
2666  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2667
2668AOT_theorem "S5Basic:7": φ  φ
2669  apply (AOT_subst "«φ»" "«¬¬φ»")
2670   apply (simp add: "conventions:5" "≡Df")
2671  apply (AOT_subst "«φ»" "«¬¬φ»")
2672   apply (simp add: "conventions:5" "≡Df")
2673  apply (AOT_subst_rev "«¬φ»" "«¬¬¬φ»")
2674   apply (simp add: "oth-class-taut:3:b")
2675  apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2676   apply (simp add: "S5Basic:6")
2677  by (simp add: "if-p-then-p")
2678
2679lemmas "4◇" = "S5Basic:7"
2680
2681AOT_theorem "S5Basic:8": φ  φ
2682  by (simp add: "4◇" "T◇" "≡I")
2683
2684AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2685  apply (rule "≡I"; rule "→I")
2686  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2687  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2688            "intro-elim:1" "Commutativity of ∨")
2689
2690AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2691(* Note: nicely this proof is entirely sledgehammer generated *)
2692proof(rule "≡I"; rule "→I")
2693  AOT_assume (φ  ψ)
2694  AOT_hence φ  ψ
2695    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2696  AOT_thus φ  ψ
2697    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2698next
2699  AOT_assume φ  ψ
2700  AOT_hence φ  ψ
2701    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2702  AOT_thus (φ  ψ)
2703    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2704qed
2705
2706AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2707proof -
2708  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2709    by (AOT_subst "«φ & ψ»" "«¬(¬φ  ¬ψ)»")
2710       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2711  also AOT_have   ¬(¬φ  ¬ψ)
2712    by (AOT_subst "«¬ψ»" "«¬ψ»")
2713       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2714  also AOT_have   ¬(¬φ  ¬ψ)
2715    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2716  also AOT_have   ¬(¬φ  ¬ψ)
2717    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2718  also AOT_have   ¬(¬φ  ¬ψ)
2719    apply (AOT_subst "«¬φ»" "«¬φ»")
2720     apply (simp add: "KBasic2:1")
2721    apply (AOT_subst "«¬ψ»" "«¬ψ»")
2722    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2723  also AOT_have   φ & ψ
2724    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2725  finally show ?thesis .
2726qed
2727
2728AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2729proof (rule "≡I"; rule "→I")
2730  AOT_assume (φ & ψ)
2731  AOT_hence φ & ψ
2732    using "KBasic2:3" "vdash-properties:6" by blast
2733  AOT_thus φ & ψ
2734    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2735next
2736  AOT_assume φ & ψ
2737  moreover AOT_have (ψ & φ)  (φ & ψ)
2738    by (AOT_subst "«φ & ψ»" "«ψ & φ»")
2739       (auto simp: "Commutativity of &" "KBasic:16")
2740  ultimately AOT_show (φ & ψ)
2741    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2742qed
2743
2744
2745AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2746proof (rule "≡I")
2747  AOT_modally_strict {
2748    AOT_have (φ  ψ)  (φ  ψ)
2749      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2750  }
2751  AOT_hence (φ  ψ)  (φ  ψ)
2752    by (rule RM)
2753  AOT_thus  (φ  ψ)  (φ  ψ)
2754    using "4" "Hypothetical Syllogism" by blast
2755next
2756  AOT_modally_strict {
2757    AOT_have (φ  ψ)  (φ  ψ)
2758      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2759  }
2760  AOT_hence  (φ  ψ)  (φ  ψ)
2761    by (rule RM)
2762  AOT_thus (φ  ψ)  (φ  ψ)
2763    using "4" "Hypothetical Syllogism" by blast
2764qed
2765
2766AOT_theorem "derived-S5-rules:1":
2767  assumes Γ  φ  ψ shows Γ  φ  ψ
2768proof -
2769  AOT_have Γ  φ  ψ
2770    using assms by (rule "RM:1[prem]")
2771  AOT_thus Γ  φ  ψ
2772    using "B" "Hypothetical Syllogism" by blast
2773qed
2774
2775AOT_theorem "derived-S5-rules:2":
2776  assumes Γ  φ  ψ shows Γ  φ  ψ
2777proof -
2778  AOT_have Γ  φ  ψ
2779    using assms by (rule "RM:2[prem]")
2780  AOT_thus Γ  φ  ψ
2781    using "B◇" "Hypothetical Syllogism" by blast
2782qed
2783
2784AOT_theorem "BFs:1": α φ{α}  α φ{α}
2785proof -
2786  AOT_modally_strict {
2787    AOT_modally_strict {
2788      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2789    }
2790    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2791    AOT_hence α φ{α}  α φ{α}
2792      using "B◇" "∀I" "→E" "→I" by metis
2793  }
2794  thus ?thesis using "derived-S5-rules:1" by blast
2795qed
2796lemmas "BF" = "BFs:1"
2797
2798AOT_theorem "BFs:2": α φ{α}  α φ{α}
2799proof -
2800  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2801  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2802qed
2803lemmas "CBF" = "BFs:2"
2804
2805AOT_theorem "BFs:3": α φ{α}  α φ{α}
2806proof(rule "→I")
2807  AOT_modally_strict {
2808    AOT_have α ¬φ{α}  α ¬φ{α}
2809      using BF CBF "≡I" by blast
2810  } note θ = this
2811
2812  AOT_assume α φ{α}
2813  AOT_hence ¬¬(α φ{α})
2814    using "≡dfE" "conventions:5" by blast
2815  AOT_hence ¬α ¬φ{α}
2816    apply - apply (AOT_subst "«α ¬φ{α}»" "«¬(α φ{α})»")
2817    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2818          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2819  AOT_hence ¬α ¬φ{α}
2820    apply - apply (AOT_subst_using_rev subst: θ)
2821    using θ by blast
2822  AOT_hence ¬α ¬¬¬φ{α}
2823    apply - apply (AOT_subst_rev "λ τ. «¬φ{τ}»"  "λ τ. «¬¬¬φ{τ}»")
2824    by (simp add: "oth-class-taut:3:b")
2825  AOT_hence 0: α ¬¬φ{α}
2826    by (rule "conventions:4"[THEN "≡dfI"])
2827  AOT_show α φ{α}
2828    apply (AOT_subst "λ τ . «φ{τ}»" "λ τ . «¬¬φ{τ}»")
2829     apply (simp add: "conventions:5" "≡Df")
2830    using 0 by blast
2831qed
2832lemmas "BF◇" = "BFs:3"
2833
2834AOT_theorem "BFs:4": α φ{α}  α φ{α}
2835proof(rule "→I")
2836  AOT_assume α φ{α}
2837  AOT_hence ¬α ¬φ{α}
2838    using "conventions:4"[THEN "≡dfE"] by blast
2839  AOT_hence ¬α ¬φ{α}
2840    apply - apply (AOT_subst "λ τ . «¬φ{τ}»" "λ τ . «¬φ{τ}»")
2841    by (simp add: "KBasic2:1")
2842  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2843    using "≡I" "BF" "CBF" by metis
2844  ultimately AOT_have 1: ¬α ¬φ{α}
2845    using "≡E"(3) by blast
2846  AOT_show α φ{α}
2847    apply (rule "conventions:5"[THEN "≡dfI"])
2848    apply (AOT_subst "«α φ{α}»" "«¬α ¬φ{α}»")
2849     apply (simp add: "conventions:4" "≡Df")
2850    apply (AOT_subst "«¬¬α ¬φ{α}»" "«α ¬φ{α}»")
2851    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2852qed
2853lemmas "CBF◇" = "BFs:4"
2854
2855AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2856proof(rule "→I")
2857  AOT_assume α φ{α}
2858  then AOT_obtain α where φ{α} using "∃E" by metis
2859  moreover AOT_have α
2860    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2861  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2862  proof -
2863    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2864    AOT_thus φ{τ}, τ  α φ{α}
2865      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2866  qed
2867  ultimately AOT_show α φ{α} by blast
2868qed
2869lemmas Buridan = "sign-S5-thm:1"
2870
2871AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2872proof -
2873  AOT_have α (α φ{α}  φ{α})
2874    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2875  AOT_thus α φ{α}  α φ{α}
2876    using "∀E"(4) "∀I" "→E" "→I" by metis
2877qed
2878lemmas "Buridan◇" = "sign-S5-thm:2"
2879
2880AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2881  apply (rule "RM:2")
2882  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2883                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2884
2885AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
2886  apply (rule "RM:2")
2887  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
2888
2889AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
2890proof -
2891  {
2892    fix φ' ψ' χ'
2893    AOT_assume  φ' & ψ'  χ'
2894    AOT_hence φ' & ψ'  χ'
2895      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2896      using "&E" "&I" "→E" "→I" by metis
2897  } note R = this
2898  show ?thesis by (rule R; fact AOT)
2899qed
2900
2901AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
2902proof -
2903  {
2904    fix φ' ψ' χ'
2905    AOT_assume  φ' & ψ'  χ'
2906    AOT_hence φ' & ψ'  χ'
2907      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2908      using "&E" "&I" "→E" "→I" by metis
2909  } note R = this
2910  show ?thesis by (rule R; fact AOT)
2911qed
2912
2913AOT_theorem "exist-nec2:1": τ  τ
2914  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
2915
2916AOT_theorem "exists-nec2:2": τ  τ
2917  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
2918
2919AOT_theorem "exists-nec2:3": ¬τ  ¬τ
2920  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2921
2922AOT_theorem "exists-nec2:4": ¬τ  ¬τ
2923  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
2924
2925AOT_theorem "id-nec2:1": α = β  α = β
2926  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
2927
2928AOT_theorem "id-nec2:2": α  β  α  β
2929  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2930  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2931
2932AOT_theorem "id-nec2:3": α  β  α  β
2933  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2934  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
2935
2936AOT_theorem "id-nec2:4": α = β  α = β
2937  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
2938
2939AOT_theorem "id-nec2:5": α  β  α  β
2940  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
2941
2942AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
2943  apply (rule "≡I"; rule "→I")
2944  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
2945  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
2946
2947AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
2948  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
2949
2950AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
2951proof (rule "→I"; rule "≡I"; rule "→I")
2952  AOT_assume (φ  φ)
2953  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
2954  moreover AOT_assume ¬φ
2955  ultimately AOT_have ¬φ
2956    using "modus-tollens:1" by blast
2957  AOT_thus ¬φ
2958    using "KBasic2:1" "≡E"(2) by blast
2959next
2960  AOT_assume (φ  φ)
2961  moreover AOT_assume ¬φ
2962  ultimately AOT_show ¬φ
2963    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
2964qed
2965
2966AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2967proof(rule "→I"; rule "→I")
2968  AOT_assume θ: (φ  φ) & (ψ  ψ)
2969  AOT_assume ξ: φ  ψ
2970  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
2971    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
2972  moreover {
2973    AOT_assume φ & ψ
2974    AOT_hence (φ  ψ)
2975      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
2976  }
2977  moreover {
2978    AOT_assume ¬φ & ¬ψ
2979    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
2980      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
2981    ultimately AOT_have ¬φ & ¬ψ
2982      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
2983    AOT_hence (φ  ψ)
2984      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
2985  }
2986  ultimately AOT_show (φ  ψ)
2987    using "∨E"(2) "reductio-aa:1" by blast
2988qed
2989
2990AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2991proof (rule "→I"; rule "→I")
2992  AOT_assume A: ((φ  φ) & (ψ  ψ))
2993  AOT_hence φ  φ and ψ  ψ
2994    using "&E" "qml:2"[axiom_inst] "→E" by blast+
2995  moreover AOT_assume φ  ψ
2996  ultimately AOT_have φ  ψ
2997    using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
2998  moreover AOT_have (φ  ψ)  (φ  ψ)
2999    using A "sc-eq-box-box:4" "→E" by blast
3000  ultimately AOT_show (φ  ψ) using "→E" by blast
3001qed
3002
3003AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3004proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3005  AOT_assume ¬(φ  ψ)
3006  AOT_hence 1: ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3007  AOT_have (φ & ¬ψ)
3008    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3009     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3010    by (fact 1)
3011  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3012  moreover AOT_assume (φ  φ)
3013  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3014  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3015  moreover AOT_assume φ  ψ
3016  ultimately AOT_have ψ using "→E" by blast
3017  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3018  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3019qed
3020
3021AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3022proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3023  AOT_assume ¬𝒜(φ  ψ)
3024  AOT_hence 1: 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3025  AOT_have 𝒜(φ & ¬ψ)
3026    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3027     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3028    by (fact 1)
3029  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3030  AOT_hence φ by (metis "Act-Sub:3" "→E")
3031  moreover AOT_assume (φ  φ)
3032  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3033  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3034  moreover AOT_assume φ  𝒜ψ
3035  ultimately AOT_have 𝒜ψ using "→E" by blast
3036  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3037  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3038qed
3039
3040AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3041  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3042
3043AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3044  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3045
3046AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3047proof (rule "→I"; rule "→I")
3048  AOT_assume x (φ{x}  φ{x})
3049  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3050  AOT_assume ∃!x φ{x}
3051  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3052    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3053  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3054  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3055  moreover AOT_have y (𝒜φ{y}  y = a)
3056  proof (rule "∀I"; rule "→I")
3057    fix b
3058    AOT_assume 𝒜φ{b}
3059    AOT_hence φ{b}
3060      using "Act-Sub:3" "vdash-properties:6" by blast
3061    moreover {
3062      AOT_have (φ{b}  φ{b})
3063        using A "∀E"(2) by blast
3064      AOT_hence φ{b}  φ{b}
3065        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3066    }
3067    ultimately AOT_have φ{b} using "→E" by blast
3068    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3069    AOT_thus b = a
3070      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3071  qed
3072  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3073    using "&I" by blast
3074  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3075  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3076  AOT_thus ιx φ{x}
3077    using "actual-desc:1"[THEN "≡E"(2)] by blast
3078qed
3079
3080AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3081proof (rule "→I")
3082  AOT_assume x (φ{x}  φ{x})
3083  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3084  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3085  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3086  proof (rule "≡I"; rule "→I")
3087    AOT_assume x = ιx φ{x}
3088    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3089      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3090    AOT_show φ{x} & z (φ{z}  z = x)
3091    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3092      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3093    next
3094      AOT_show z = x if φ{z} for z
3095        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3096    qed
3097  next
3098    AOT_assume B: φ{x} & z (φ{z}  z = x)
3099    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3100    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3101      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3102    next
3103      AOT_show b = x if 𝒜φ{b} for b
3104        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3105    qed
3106    AOT_thus x = ιx φ{x}
3107      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3108  qed
3109qed
3110
3111AOT_theorem "id-act:1": α = β  𝒜α = β
3112  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3113
3114AOT_theorem "id-act:2": α  β  𝒜α  β
3115proof (AOT_subst "«α  β»" "«¬(α = β)»")
3116  AOT_modally_strict {
3117    AOT_show α  β  ¬(α = β)
3118      by (simp add: "=-infix" "≡Df")
3119  }
3120next
3121  AOT_show ¬(α = β)  𝒜¬(α = β)
3122  proof (safe intro!: "≡I" "→I")
3123    AOT_assume ¬α = β
3124    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3125    AOT_thus 𝒜¬α = β
3126      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3127  next
3128    AOT_assume 𝒜¬α = β
3129    AOT_hence ¬𝒜α = β
3130      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3131    AOT_thus ¬α = β
3132      using "id-act:1" "≡E"(4) by blast
3133  qed
3134qed
3135
3136AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3137proof -
3138  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3139    by (AOT_subst_using subst: "uniqueness:2")
3140       (simp add: "oth-class-taut:3:a")
3141  also AOT_have   α 𝒜β (φ{β}  β = α)
3142    by (simp add: "Act-Basic:10")
3143  also AOT_have   αβ 𝒜(φ{β}  β = α)
3144    by (AOT_subst "λ τ . «𝒜β (φ{β}  β = τ)»" "λ τ . «β 𝒜(φ{β}  β = τ)»")
3145       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3146  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3147    by (AOT_subst_rev "λ τ τ' . «𝒜(φ{τ'}  τ' = τ)»" "λ τ τ'. «𝒜φ{τ'}  𝒜τ' = τ»")
3148       (auto simp: "Act-Basic:5" "cqt-further:7")
3149  also AOT_have   αβ (𝒜φ{β}  β = α)
3150    apply (AOT_subst "λ τ τ' :: 'a . «𝒜τ' = τ»" "λ τ τ'. «τ' = τ»")
3151     apply (meson "id-act:1" "≡E"(6) "oth-class-taut:3:a")
3152    by (simp add: "cqt-further:7")
3153  also AOT_have ...  ∃!α 𝒜φ{α}
3154    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3155  finally show ?thesis .
3156qed
3157
3158AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3159  by (AOT_subst_using subst: "A-Exists:1")
3160     (simp add: "actual-desc:1")
3161
3162AOT_theorem "id-act-desc:1": ιx (x = y)
3163proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3164  AOT_show x E!x  E!x]ιx (x = y)
3165  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3166    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3167  next
3168    AOT_show z (𝒜z = y  z = y)
3169      apply (rule "∀I")
3170      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3171  next
3172    AOT_show x E!x  E!x]y
3173    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3174      AOT_show x E!x  E!x]
3175        by "cqt:2[lambda]"
3176    next
3177      AOT_show E!y  E!y 
3178        by (simp add: "if-p-then-p")
3179    qed
3180  qed
3181next
3182  AOT_show x E!x  E!x]
3183    by "cqt:2[lambda]"
3184qed
3185
3186AOT_theorem "id-act-desc:2": y = ιx (x = y)
3187  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3188
3189AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3190  by (simp add: encoding "vdash-properties:1[2]")
3191
3192AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3193proof (rule "→I")
3194  AOT_assume x1x2[F]
3195  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3196    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3197  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3198  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3199  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3200    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3201  note A = this
3202  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3203    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3204  AOT_thus x1x2[F]
3205    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3206qed
3207
3208AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3209proof (rule "→I")
3210  AOT_assume x1x2x3[F]
3211  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3212    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3213  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3214  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3215  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3216  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3217    using encoding[axiom_inst, unvarify F] "→E" by blast+
3218  note A = this
3219  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3220    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3221  AOT_thus x1x2x3[F]
3222    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3223qed
3224
3225AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3226proof (rule "→I")
3227  AOT_assume x1x2x3x4[F]
3228  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3229    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3230  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3231  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3232  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3233  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3234  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3235    using "→E" encoding[axiom_inst, unvarify F] by blast+
3236  note A = this
3237  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3238    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3239  AOT_thus x1x2x3x4[F]
3240    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3241qed
3242
3243AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3244proof (rule "→I"; rule "raa-cor:1")
3245  AOT_assume ¬¬x1[F]
3246  AOT_hence x1[F]
3247    by (rule "conventions:5"[THEN "≡dfI"])
3248  AOT_hence x1[F]
3249    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3250  moreover AOT_assume ¬x1[F]
3251  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3252qed
3253AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3254proof (rule "→I"; rule "raa-cor:1")
3255  AOT_assume ¬¬x1x2[F]
3256  AOT_hence x1x2[F]
3257    by (rule "conventions:5"[THEN "≡dfI"])
3258  AOT_hence x1x2[F]
3259    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3260  moreover AOT_assume ¬x1x2[F]
3261  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3262qed
3263
3264AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3265proof (rule "→I"; rule "raa-cor:1")
3266  AOT_assume ¬¬x1x2x3[F]
3267  AOT_hence x1x2x3[F]
3268    by (rule "conventions:5"[THEN "≡dfI"])
3269  AOT_hence x1x2x3[F]
3270    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3271  moreover AOT_assume ¬x1x2x3[F]
3272  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3273qed
3274
3275AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3276proof (rule "→I"; rule "raa-cor:1")
3277  AOT_assume ¬¬x1x2x3x4[F]
3278  AOT_hence x1x2x3x4[F]
3279    by (rule "conventions:5"[THEN "≡dfI"])
3280  AOT_hence x1x2x3x4[F]
3281    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3282  moreover AOT_assume ¬x1x2x3x4[F]
3283  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3284qed
3285
3286AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3287  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3288AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3289  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3290AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3291  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3292AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3293  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3294
3295AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3296  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3297AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3298  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3299AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3300  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3301AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3302  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3303
3304AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3305  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3306AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3307  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3308AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3309  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3310AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3311  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3312
3313AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3314  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3315  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3316AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3317  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3318  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3319AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3320  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3321  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3322AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3323  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3324  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3325
3326AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3327  apply (rule "≡I"; rule "→I")
3328  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3329  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3330        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3331AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3332  apply (rule "≡I"; rule "→I")
3333  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3334  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3335        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3336AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3337  apply (rule "≡I"; rule "→I")
3338  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3339  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3340        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3341AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3342  apply (rule "≡I"; rule "→I")
3343  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3344  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3345        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3346
3347AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3348  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3349AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3350  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3351AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3352  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3353AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3354  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3355
3356AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3357  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3358AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3359  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3360AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3361  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3362AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3363  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3364
3365AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3366  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3367AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3368  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3369AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3370  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3371AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3372  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3373
3374AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3375  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3376AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3377  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3378AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3379  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3380AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3381  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3382
3383AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3384  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3385AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3386  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3387AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3388  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3389AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3390  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3391
3392AOT_theorem "oa-facts:1": O!x  O!x
3393proof(rule "→I")
3394  AOT_modally_strict {
3395    AOT_have x E!x]x  E!x
3396      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3397  } note θ = this
3398  AOT_assume O!x
3399  AOT_hence x E!x]x
3400    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3401  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3402  AOT_hence 0: E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3403  AOT_have x E!x]x
3404    by (AOT_subst_using subst: θ) (simp add: 0)
3405  AOT_thus O!x
3406    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3407qed
3408
3409AOT_theorem "oa-facts:2": A!x  A!x
3410proof(rule "→I")
3411  AOT_modally_strict {
3412    AOT_have x ¬E!x]x  ¬E!x
3413      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3414  } note θ = this
3415  AOT_assume A!x
3416  AOT_hence x ¬E!x]x
3417    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3418  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3419  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3420  AOT_hence 0: ¬E!x using "4"[THEN "→E"] by blast
3421  AOT_have 1: ¬E!x
3422    apply (AOT_subst "«¬E!x»" "«¬E!x»")
3423    using "KBasic2:1"[symmetric] apply blast
3424    using 0 by blast
3425  AOT_have x ¬E!x]x
3426    by (AOT_subst_using subst: θ) (simp add: 1)
3427  AOT_thus A!x
3428    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3429qed
3430
3431AOT_theorem "oa-facts:3": O!x  O!x
3432  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3433AOT_theorem "oa-facts:4": A!x  A!x
3434  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3435
3436AOT_theorem "oa-facts:5": O!x  O!x
3437  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3438
3439AOT_theorem "oa-facts:6": A!x  A!x
3440  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3441
3442AOT_theorem "oa-facts:7": O!x  𝒜O!x
3443  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3444
3445AOT_theorem "oa-facts:8": A!x  𝒜A!x
3446  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3447
3448AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3449  using "lambda-predicates:2"[axiom_inst] by blast
3450
3451AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3452  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3453  using "beta-C-meta" "∀I" by fast
3454
3455AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3456  apply (rule "→I"; rule "∀I")
3457  using "beta-C-meta"[THEN "→E"] by fast
3458
3459(* TODO: syntax + double-check if this is really a faithful representation *)
3460theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3461  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3462  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3463
3464AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3465proof -
3466  AOT_modally_strict {
3467    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3468    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3469      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3470    ultimately AOT_show φ{κ1...κn}
3471      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3472  }
3473qed
3474
3475AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3476  using "betaC:1:a" "raa-cor:3" by blast
3477
3478lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3479
3480AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3481proof -
3482  AOT_modally_strict {
3483    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3484    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3485      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3486  }
3487  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3488    by blast
3489qed
3490
3491AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3492  using "betaC:2:a" "raa-cor:3" by blast
3493
3494lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3495
3496AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3497  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3498
3499AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3500  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3501
3502(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3503
3504text‹Note: not explicitly part of PLM.›
3505AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3506  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3507        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3508declare id_sym[sym]
3509
3510text‹Note: not explicitly part of PLM.›
3511AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3512  using "rule=E" assms by blast
3513declare id_trans[trans]
3514
3515method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3516rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3517)
3518(*
3519AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3520  apply ("ηC" "«[P]»") defer
3521   apply ("ηC" "«[S]»") defer
3522  oops
3523*)
3524(* TODO: proper representation of eta_conversion_lemma2 *)
3525
3526AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3527proof(rule "→I")
3528  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3529  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3530    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3531               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3532    by blast
3533qed
3534
3535AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3536  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3537
3538AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3539proof(rule "≡I"; rule "→I")
3540  AOT_assume F = G
3541  AOT_thus x (x[F]  x[G])
3542    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3543next
3544  AOT_assume x (x[F]  x[G])
3545  AOT_hence x[F]  x[G] for x using "∀E" by blast
3546  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3547  AOT_hence x (x[F]  x[G]) by (rule GEN)
3548  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3549  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3550qed
3551
3552AOT_theorem "relations:1":
3553  assumes INSTANCE_OF_CQT_2(φ)
3554  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3555  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3556  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3557
3558AOT_theorem "relations:2":
3559  assumes INSTANCE_OF_CQT_2(φ)
3560  shows F x ([F]x  φ{x})
3561  using "relations:1" assms by blast
3562
3563AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3564proof(rule RAA(2))
3565  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3566  AOT_assume A: x « x»]
3567  AOT_have x (A!x & F (x[F]  F = x « x»]))
3568    using "A-objects"[axiom_inst] by fast
3569  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3570    using "∃E"[rotated] by blast
3571  AOT_show ¬x G (x[G] & ¬[G]x)]
3572  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3573    AOT_assume B: x « x»]a
3574    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3575    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3576    moreover AOT_have P = x « x»]
3577      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3578    ultimately AOT_have ¬x « x»]a
3579      using "rule=E" "&E"(2) by fast
3580    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3581  next
3582    AOT_assume B: ¬x « x»]a
3583    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3584    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3585    AOT_have G (a[G]  [G]a)
3586      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3587         (auto simp: "oth-class-taut:1:a" C)
3588    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3589    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3590      using "=I"(1)[OF A] by blast
3591    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3592  qed
3593qed(simp)
3594
3595AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3596proof(rule RAA(2))
3597  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3598  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3599  AOT_have x (A!x & G (x[G]  G = F))
3600    using "A-objects"[axiom_inst] by fast
3601  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3602    using "∃E"[rotated] by blast
3603  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3604  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3605    AOT_assume B: [F]a
3606    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3607    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3608    moreover AOT_have P = F
3609      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3610    ultimately AOT_have ¬[F]a
3611      using "rule=E" "&E"(2) by fast
3612    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3613  next
3614    AOT_assume B: ¬[F]a
3615    AOT_hence ¬G (a[G] & ¬[G]a)
3616      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3617    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3618    AOT_have G (a[G]  [G]a)
3619      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3620         (auto simp: "oth-class-taut:1:a" C)
3621    AOT_hence a[F]  [F]a using "∀E" by blast
3622    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3623      using "=I"(2) by blast
3624    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3625  qed
3626qed(simp)
3627
3628AOT_theorem "block-paradox:3": ¬y z z = y]
3629proof(rule RAA(2))
3630  AOT_assume θ: y z z = y]
3631  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3632    using "A-objects"[axiom_inst] by force
3633  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3634    using "∃E"[rotated] by blast
3635  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3636    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3637  AOT_show ¬y z z = y]
3638  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3639    AOT_assume A: az z = a]
3640    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3641      using ζ[THEN "≡E"(1)] by blast
3642    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3643      using "∃E"[rotated] by blast
3644    moreover AOT_have a = a by (rule "=I")
3645    moreover AOT_have z z = a] using θ "∀E" by blast
3646    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3647    ultimately AOT_have z z = a]a using "β←C" by blast
3648    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3649    AOT_hence a = b using "β→C" by blast
3650    AOT_hence bz z = a] using A "rule=E" by fast
3651    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3652  next
3653    AOT_assume A: ¬az z = a]
3654    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3655      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3656    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3657      using "cqt-further:4"[THEN "→E"] by blast
3658    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3659      using "∀E" by blast
3660    AOT_hence z z = a] = z z = a]  az z = a]
3661      by (metis "&I" "deduction-theorem" "raa-cor:4")
3662    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3663    AOT_thus ¬y z z = y] using A RAA by blast
3664  qed
3665qed(simp)
3666
3667AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3668proof(rule RAA(2))
3669  AOT_assume θ: y F x([F]x  x = y)
3670  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3671    using "A-objects"[axiom_inst] by force
3672  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3673    using "∃E"[rotated] by blast
3674  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3675  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3676    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3677  AOT_show ¬y F x([F]x  x = y)
3678  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3679    AOT_assume A: a[F]
3680    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3681      using ζ[THEN "≡E"(1)] by blast
3682    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3683      using "∃E"[rotated] by blast
3684    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3685    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3686    AOT_hence a = b using "β→C" by blast
3687    AOT_hence b[F] using A "rule=E" by fast
3688    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3689  next
3690    AOT_assume A: ¬a[F]
3691    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3692      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3693    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3694      using "cqt-further:4"[THEN "→E"] by blast
3695    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3696      using "∀E" by blast
3697    AOT_hence y ([F]y  y = a)  a[F]
3698      by (metis "&I" "deduction-theorem" "raa-cor:4")
3699    AOT_hence a[F] using F_prop "→E" by blast
3700    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3701  qed
3702qed(simp)
3703
3704AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3705proof(rule "raa-cor:2")
3706  AOT_assume Fxy([F]xy  y = x)
3707  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3708  {
3709    fix x
3710    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3711    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3712    moreover AOT_have y(z [F]xz]y  y = x)
3713    proof(rule "∀I")
3714      fix y
3715      AOT_have z [F]xz]y  [F]xy
3716        using "beta-C-meta"[THEN "→E"] 2 by fast
3717      also AOT_have ...  y = x using 1 "∀E"
3718        by fast
3719      finally AOT_show z [F]xz]y  y = x.
3720    qed
3721    ultimately AOT_have Fy([F]y  y = x)
3722      using "∃I" by fast
3723  }
3724  AOT_hence xFy([F]y  y = x)
3725    by (rule GEN)
3726  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3727    using "&I" "block-paradox:4" by blast
3728qed
3729
3730AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3731proof(rule "→I"; rule "raa-cor:2")
3732  AOT_assume antecedant: x [G]x
3733  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3734  proof(rule GEN)
3735    fix x
3736    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3737    proof(rule "≡I"; rule "→I")
3738      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3739      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3740        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3741      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3742        using "1-exists:1"[THEN "≡E"(1)] by blast
3743    next
3744      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3745      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3746        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3747      AOT_have a_3: [G]a
3748        using antecedant "∀E" by blast
3749      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3750        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3751        apply (rule "∃I"(2))
3752        using a_1 a_2 a_3 "&I" by blast
3753    qed
3754    also AOT_have B: ...  H (x[H] & ¬[H]x)
3755    proof (rule "≡I"; rule "→I")
3756      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3757      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3758        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3759      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3760    next
3761      AOT_assume H (x[H] & ¬[H]x)
3762      AOT_hence x = x & H (x[H] & ¬[H]x)
3763        using "id-eq:1" "&I" by blast
3764      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3765        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3766      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3767        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3768    qed
3769    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3770  qed
3771
3772  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3773  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3774    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3775  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3776    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3777  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3778    using "∃I"(1) A by fast
3779  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3780    using "block-paradox:2" "&I" by blast
3781qed
3782
3783AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3784proof(rule "∃I"(1))
3785  AOT_have 0: x p (p p)]
3786    by "cqt:2[lambda]"
3787  moreover AOT_have x x p (p p)]x
3788    apply (rule GEN)
3789    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3790    using "if-p-then-p" GEN by fast
3791  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3792      using "block-paradox2:1" "∀I" by fast
3793  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3794    using "∀E"(1) "→E" by blast
3795qed("cqt:2[lambda]")
3796
3797AOT_theorem propositions: p (p  φ)
3798proof(rule "∃I"(1))
3799  AOT_show (φ  φ)
3800    by (simp add: RN "oth-class-taut:3:a")
3801next
3802  AOT_show φ
3803    by (simp add: "log-prop-prop:2")
3804qed
3805
3806AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3807proof (rule "→I")
3808  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3809  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3810    using "KBasic:11"[THEN "≡E"(2)] by blast
3811  AOT_hence ¬(F = G)
3812    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3813  AOT_thus F  G
3814    using "=-infix"[THEN "≡dfI"] by blast
3815qed
3816
3817AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3818proof (rule "→I")
3819  AOT_modally_strict {
3820    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3821    proof (rule "→I"; rule "raa-cor:2")
3822      AOT_assume 1: F = G
3823      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3824      moreover {
3825        AOT_have G = F using 1 id_sym by blast
3826        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3827      }
3828      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3829      moreover AOT_assume ¬(φ{F}  φ{G})
3830      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3831        using "&I" by blast
3832    qed
3833  }
3834  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3835    using "RM:2[prem]" by blast
3836  moreover AOT_assume ¬(φ{F}  φ{G})
3837  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3838  AOT_have (F  G)
3839    by (AOT_subst "«F  G»" "«¬(F = G)»")
3840       (auto simp: "=-infix" "≡Df" 0)
3841  AOT_thus F  G
3842    using "id-nec2:3"[THEN "→E"] by blast
3843qed
3844
3845AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3846proof (rule "→I")
3847  AOT_modally_strict {
3848    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3849    proof (rule "→I"; rule "raa-cor:2")
3850      AOT_assume 1: p = q
3851      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3852      moreover {
3853        AOT_have q = p using 1 id_sym by blast
3854        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3855      }
3856      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3857      moreover AOT_assume ¬(φ{p}  φ{q})
3858      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3859        using "&I" by blast
3860    qed
3861  }
3862  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3863    using "RM:2[prem]" by blast
3864  moreover AOT_assume ¬(φ{p}  φ{q})
3865  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3866  AOT_have (p  q)
3867    by (AOT_subst "«p  q»" "«¬(p = q)»")
3868       (auto simp: 0 "=-infix" "≡Df")
3869  AOT_thus p  q
3870    using "id-nec2:3"[THEN "→E"] by blast
3871qed
3872
3873AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3874  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
3875
3876AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
3877  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
3878
3879AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
3880  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
3881
3882AOT_define relation_negation ::  Π" ("_-")
3883  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
3884
3885nonterminal φneg
3886syntax "" :: "φneg  τ" ("_")
3887syntax "" :: "φneg  φ" ("'(_')")
3888
3889AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
3890  "df-relation-negation[zero]": "(p)- =df  ¬p]"
3891
3892AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
3893  by "cqt:2[lambda]"
3894
3895AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
3896  using "cqt:2[lambda0]"[axiom_inst] by blast
3897
3898AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
3899  using "=I"(1)[OF "rel-neg-T:1"]
3900  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
3901
3902AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
3903  using "=I"(1)[OF "rel-neg-T:1[zero]"]
3904  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
3905
3906AOT_theorem "rel-neg-T:3": [Π]-
3907  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
3908
3909AOT_theorem "rel-neg-T:3[zero]": (φ)-
3910  using "log-prop-prop:2" by blast
3911(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
3912
3913(* Note: PLM states the zero place case twice *)
3914AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
3915proof -
3916  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
3917    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
3918    "→I" "≡I" by fast
3919  also AOT_have ...  ¬[F]x1...xn
3920    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
3921  finally show ?thesis.
3922qed
3923
3924AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
3925  apply (AOT_subst "«[F]x1...xn»" "«¬¬[F]x1...xn»")
3926   apply (simp add: "oth-class-taut:3:b")
3927  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
3928  using "thm-relation-negation:1".
3929
3930AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
3931proof -
3932  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
3933  AOT_hence ((p)-)   ¬p]
3934    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-def:2:a" by blast
3935  also AOT_have  ¬p]  ¬p
3936    by (simp add: "propositions-lemma:2")
3937  finally show ?thesis.
3938qed
3939
3940AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
3941  using "thm-relation-negation:3"[THEN "≡E"(1)]
3942        "thm-relation-negation:3"[THEN "≡E"(2)]
3943        "≡I" "→I" RAA by metis
3944
3945AOT_theorem "thm-relation-negation:5": [F]  [F]-
3946proof -
3947  AOT_have ¬([F] = [F]-)
3948  proof (rule RAA(2))
3949    AOT_show [F]x1...xn  [F]x1...xn for x1xn
3950      using "if-p-then-p".
3951  next
3952    AOT_assume [F] = [F]-
3953    AOT_hence [F]- = [F] using id_sym by blast
3954    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
3955      using "rule=E" "thm-relation-negation:1" by fast
3956    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
3957      using "≡E" RAA by metis
3958  qed
3959  thus ?thesis
3960    using "≡dfI" "=-infix" by blast
3961qed
3962
3963AOT_theorem "thm-relation-negation:6": p  (p)-
3964proof -
3965  AOT_have ¬(p = (p)-)
3966  proof (rule RAA(2))
3967    AOT_show p  p
3968      using "if-p-then-p".
3969  next
3970    AOT_assume p = (p)-
3971    AOT_hence (p)- = p using id_sym by blast
3972    AOT_hence p  ¬p
3973      using "rule=E" "thm-relation-negation:3" by fast
3974    AOT_thus ¬(p  p)
3975      using "≡E" RAA by metis
3976  qed
3977  thus ?thesis
3978    using "≡dfI" "=-infix" by blast
3979qed
3980
3981AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
3982  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
3983  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
3984
3985AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
3986proof(rule "→I")
3987  AOT_assume p = q
3988  moreover AOT_have (¬p) using "log-prop-prop:2".
3989  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
3990  ultimately AOT_show (¬p) = (¬q)
3991    using "rule=E" by fast
3992qed
3993
3994AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
3995proof(rule "→I")
3996  AOT_assume p = q
3997  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
3998  AOT_thus (p)- = (q)-
3999    using "thm-relation-negation:7" id_sym id_trans by metis
4000qed
4001
4002AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4003  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4004
4005AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4006  "contingent-properties:1[zero]": Necessary0(p) df p
4007
4008AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4009  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4010
4011AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4012  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4013
4014AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4015  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4016
4017AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4018  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4019
4020AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4021  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4022
4023AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4024  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4025
4026
4027AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4028proof (rule "≡I"; rule "→I")
4029  AOT_assume NonContingent([F])
4030  AOT_hence Necessary([F])  Impossible([F])
4031    using "≡dfE"[OF "contingent-properties:3"] by blast
4032  moreover {
4033    AOT_assume Necessary([F])
4034    AOT_hence (x1...∀xn [F]x1...xn)
4035      using "≡dfE"[OF "contingent-properties:1"] by blast
4036    moreover AOT_modally_strict {
4037      AOT_assume x1...∀xn [F]x1...xn
4038      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4039      AOT_hence ¬[F]-x1...xn for x1xn
4040        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4041      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4042    }
4043    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4044      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4045    AOT_hence Impossible([F]-)
4046      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4047      by blast
4048  }
4049  moreover {
4050    AOT_assume Impossible([F])
4051    AOT_hence (x1...∀xn ¬[F]x1...xn)
4052      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4053      by blast
4054    moreover AOT_modally_strict {
4055      AOT_assume x1...∀xn ¬[F]x1...xn
4056      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4057      AOT_hence [F]-x1...xn for x1xn
4058        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4059      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4060    }
4061    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4062      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4063    AOT_hence Necessary([F]-)
4064      using "≡dfI"[OF "contingent-properties:1"] by blast
4065  }
4066  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4067    using "∨E"(1) "∨I" "→I" by metis
4068  AOT_thus NonContingent([F]-)
4069    using "≡dfI"[OF "contingent-properties:3"] by blast
4070next
4071  AOT_assume NonContingent([F]-)
4072  AOT_hence Necessary([F]-)  Impossible([F]-)
4073    using "≡dfE"[OF "contingent-properties:3"] by blast
4074  moreover {
4075    AOT_assume Necessary([F]-)
4076    AOT_hence (x1...∀xn [F]-x1...xn)
4077      using "≡dfE"[OF "contingent-properties:1"] by blast
4078    moreover AOT_modally_strict {
4079      AOT_assume x1...∀xn [F]-x1...xn
4080      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4081      AOT_hence ¬[F]x1...xn for x1xn
4082        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4083      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4084    }
4085    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4086      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4087    AOT_hence Impossible([F])
4088      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4089      by blast
4090  }
4091  moreover {
4092    AOT_assume Impossible([F]-)
4093    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4094      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4095      by blast
4096    moreover AOT_modally_strict {
4097      AOT_assume x1...∀xn ¬[F]-x1...xn
4098      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4099      AOT_hence [F]x1...xn for x1xn 
4100        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4101              "useful-tautologies:1"[THEN "→E"] by blast
4102      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4103    }
4104    ultimately AOT_have (x1...∀xn [F]x1...xn)
4105      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4106    AOT_hence Necessary([F])
4107      using "≡dfI"[OF "contingent-properties:1"] by blast
4108  }
4109  ultimately AOT_have Necessary([F])  Impossible([F])
4110    using "∨E"(1) "∨I" "→I" by metis
4111  AOT_thus NonContingent([F])
4112    using "≡dfI"[OF "contingent-properties:3"] by blast
4113qed
4114
4115AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4116proof -
4117  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4118    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4119    by blast
4120  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4121    using "oth-class-taut:5:d" by fastforce
4122  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4123    by (simp add: "Commutativity of &")
4124  also AOT_have ...  x [F]x & ¬Necessary([F])
4125  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4126    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4127      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4128      apply (AOT_subst "«x [F]x»" "«¬ x ¬[F]x»")
4129       apply (simp add: "conventions:4" "≡Df")
4130      apply (AOT_subst_rev "«x ¬[F]x»" "«¬¬x ¬[F]x»" )
4131       apply (simp add: "oth-class-taut:3:b")
4132      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4133    also AOT_have ...  x [F]x
4134      using "conventions:5"[THEN "≡Df", symmetric] by blast
4135    finally AOT_show ¬Impossible([F])  x [F]x .
4136  qed
4137  also AOT_have ...  x [F]x & x ¬[F]x
4138  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4139    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4140      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4141      apply (AOT_subst "«x ¬[F]x»" "«¬ x ¬¬[F]x»")
4142       apply (simp add: "conventions:4" "≡Df")
4143      apply (AOT_subst_rev "λ κ . «[F]κ»" "λ κ . «¬¬[F]κ»")
4144       apply (simp add: "oth-class-taut:3:b")
4145      apply (AOT_subst_rev "«x [F]x»" "«¬¬x [F]x»")
4146      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4147    also AOT_have ...  x ¬[F]x
4148      using "conventions:5"[THEN "≡Df", symmetric] by blast
4149    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4150  qed
4151  finally show ?thesis.
4152qed
4153
4154AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4155proof -
4156  {
4157    fix Π :: <κ>
4158    AOT_assume Π
4159    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4160      using "thm-cont-prop:2" GEN by fast
4161    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4162      using "thm-cont-prop:2" "∀E" by fast
4163  } note 1 = this
4164  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4165    using "thm-cont-prop:2" by blast
4166  also AOT_have ...  x ¬[F]x & x [F]x
4167    by (simp add: "Commutativity of &")
4168  also AOT_have ...  x [F]-x & x [F]x
4169    by (AOT_subst "λ κ . «[F]-κ»"  "λκ . «¬[F]κ»")
4170       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4171  also AOT_have ...  x [F]-x & x ¬[F]-x
4172    by (AOT_subst_rev "λ κ . «¬[F]-κ»"  "λκ . «[F]κ»")
4173       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4174  also AOT_have ...  Contingent([F]-)
4175    using 1[OF "rel-neg-T:3", symmetric] by blast
4176  finally show ?thesis.
4177qed
4178
4179AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4180
4181AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4182proof -
4183  AOT_modally_strict {
4184    fix x
4185    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4186    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4187    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4188    ultimately AOT_have x E!x  E!x]x
4189      using "β←C" by blast
4190  }
4191  AOT_hence 0: x x E!x  E!x]x
4192    using RN GEN by blast
4193  show ?thesis
4194    apply (rule "=dfI"(2)[OF L_def])
4195     apply "cqt:2[lambda]"
4196    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4197qed
4198
4199AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4200proof -
4201  AOT_modally_strict {
4202    fix x
4203
4204    AOT_have 0: F (¬[F]-x  [F]x)
4205      using "thm-relation-negation:2" GEN by fast
4206    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4207      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4208    moreover {
4209      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4210      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4211      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4212      ultimately AOT_have x E!x  E!x]x
4213        using "β←C" by blast
4214    }
4215    ultimately AOT_have ¬x E!x  E!x]-x
4216      using "≡E" by blast
4217  }
4218  AOT_hence 0: x ¬x E!x  E!x]-x
4219    using RN GEN by fast
4220  show ?thesis
4221    apply (rule "=dfI"(2)[OF L_def])
4222     apply "cqt:2[lambda]"
4223    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4224     using "rel-neg-T:3"
4225     apply blast
4226    using 0
4227    by blast
4228qed
4229
4230AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4231  using "thm-noncont-e-e:1"
4232  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4233
4234AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4235proof -
4236  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4237    using "thm-cont-prop:1" "∀I" by fast
4238  moreover AOT_have 1: L
4239    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4240  AOT_show NonContingent([L]-)
4241    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4242qed
4243
4244AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4245proof (rule "∃I")+
4246  {
4247    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4248    moreover AOT_have L
4249      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4250    ultimately AOT_have L  [L]- using "∀E" by blast
4251  }
4252  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4253    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4254next
4255  AOT_show [L]-
4256    using "rel-neg-T:3" by blast
4257next
4258  AOT_show L
4259      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4260qed
4261
4262AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4263proof -
4264  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4265    using "BF◇" "CBF◇" "≡I" by blast
4266  also AOT_have   x ([F]x &  ¬[F]x)
4267    by (AOT_subst λκ. «([F]κ & ¬[F]κ)»  λ κ .  «[F]κ &  ¬[F]κ»)
4268       (auto simp: "S5Basic:11" "cqt-further:7")
4269  also AOT_have   x (¬[F]x & [F]x)
4270    by (AOT_subst λκ. «¬[F]κ & [F]κ»  λ κ .  «[F]κ & ¬[F]κ»)
4271       (auto simp: "Commutativity of &" "cqt-further:7")
4272  also AOT_have   x (¬[F]x & [F]x)
4273    by (AOT_subst λ κ .  «(¬[F]κ & [F]κ)» λκ. «¬[F]κ & [F]κ»)
4274       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4275  also AOT_have   x (¬[F]x & [F]x)
4276    using "BF◇" "CBF◇" "≡I" by fast
4277  finally show ?thesis.
4278qed
4279
4280AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4281proof -
4282  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4283    using "lem-cont-e:1".
4284  also AOT_have   x ([F]-x & ¬[F]-x)
4285    apply (AOT_subst "λ κ . «¬[F]-κ»" "λ κ . «[F]κ»")
4286     apply (simp add: "thm-relation-negation:2")
4287    apply (AOT_subst "λ κ . «[F]-κ»" "λ κ . «¬[F]κ»")
4288     apply (simp add: "thm-relation-negation:1")
4289    by (simp add: "oth-class-taut:3:a")
4290  finally show ?thesis.
4291qed
4292
4293AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4294proof (rule "CBF◇"[THEN "→E"])
4295  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4296  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4297  AOT_hence θ: E!a & ¬𝒜E!a
4298    using "KBasic2:3"[THEN "→E"] by blast
4299  AOT_have ξ: E!a & 𝒜¬E!a
4300    by (AOT_subst  "«𝒜¬E!a»" "«¬𝒜E!a»")
4301       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4302  AOT_have ζ: E!a & 𝒜¬E!a
4303    by (AOT_subst "«𝒜¬E!a»" "«𝒜¬E!a»")
4304       (auto simp add: "Act-Sub:4" ξ)
4305  AOT_hence E!a & ¬E!a
4306    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4307  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4308  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4309qed
4310
4311AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4312proof -
4313  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4314    using "lem-cont-e:1" GEN by fast
4315  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4316    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4317  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4318qed
4319
4320AOT_theorem "thm-cont-e:3": x E!x
4321proof (rule "CBF◇"[THEN "→E"])
4322  AOT_obtain a where (E!a & ¬E!a)
4323    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4324  AOT_hence E!a
4325    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4326  AOT_thus x E!x using "∃I" by fast
4327qed
4328
4329AOT_theorem "thm-cont-e:4": x ¬E!x
4330proof (rule "CBF◇"[THEN "→E"])
4331  AOT_obtain a where (E!a & ¬E!a)
4332    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4333  AOT_hence ¬E!a
4334    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4335  AOT_hence ¬E!a
4336    using "4◇"[THEN "→E"] by blast
4337  AOT_thus x ¬E!x using "∃I" by fast
4338qed
4339
4340AOT_theorem "thm-cont-e:5": Contingent([E!])
4341proof -
4342  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4343    using "thm-cont-prop:2" GEN by fast
4344  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4345    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4346  thus ?thesis
4347    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4348qed
4349
4350AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4351proof -
4352  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4353    using "thm-cont-prop:3" GEN by fast
4354  AOT_hence Contingent([E!])  Contingent([E!]-)
4355    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4356  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4357qed
4358
4359AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4360proof (rule "∃I")+
4361  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4362  AOT_hence [E!]  [E!]-
4363    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4364  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4365    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4366next
4367  AOT_show E!-
4368    by (fact AOT)
4369next
4370  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4371qed
4372
4373AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4374proof (rule "→I"; rule "raa-cor:2")
4375  AOT_assume NonContingent([F])
4376  AOT_hence 1: Necessary([F])  Impossible([F])
4377    using "contingent-properties:3"[THEN "≡dfE"] by blast
4378  AOT_assume G (Contingent([G]) & G = F)
4379  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4380  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4381  AOT_hence ¬(Necessary([F])  Impossible([F]))
4382    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4383  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4384    using 1 "&I" by blast
4385qed
4386
4387AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4388proof (rule "→I"; rule "raa-cor:2")
4389  AOT_assume Contingent([F])
4390  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4391    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4392  AOT_assume G (NonContingent([G]) & G = F)
4393  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4394  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4395  AOT_hence Necessary([F])  Impossible([F])
4396    using "contingent-properties:3"[THEN "≡dfE"] by blast
4397  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4398    using 1 "&I" by blast
4399qed
4400
4401AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4402proof -
4403  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ Π Π'
4404    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4405    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4406  AOT_have contingent_denotes: Π if Contingent([Π]) for Π
4407    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4408  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π
4409  proof(rule RAA(2))
4410    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4411      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4412  next
4413    AOT_assume NonContingent([Π])
4414    AOT_thus Necessary([Π])  Impossible([Π])
4415      using "contingent-properties:3"[THEN "≡dfE"] by blast
4416  qed
4417
4418  show ?thesis
4419  proof (rule "&I")+
4420    AOT_show L  [L]-
4421      apply (rule "=dfI"(2)[OF L_def])
4422       apply "cqt:2[lambda]"
4423      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4424       apply (rule GEN) apply (fact AOT)
4425      by "cqt:2[lambda]"
4426  next
4427    AOT_show L  E!
4428      apply (rule noneqI)
4429      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4430      by auto
4431  next
4432    AOT_show L  E!-
4433      apply (rule noneqI)
4434      using "thm-noncont-e-e:3" apply fast
4435      apply (rule not_noncontingent_if_contingent)
4436      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4437      using "thm-cont-prop:3" GEN apply fast
4438      using "thm-cont-e:5" by fast+
4439  next
4440    AOT_show [L]-  E!-
4441      apply (rule noneqI)
4442      using "thm-noncont-e-e:4" apply fast
4443      apply (rule not_noncontingent_if_contingent)
4444      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4445      using "thm-cont-prop:3" GEN apply fast
4446      using "thm-cont-e:5" by fast+
4447  next
4448    AOT_show E!  E!-
4449      apply (rule "=dfI"(2)[OF L_def])
4450       apply "cqt:2[lambda]"
4451      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4452       apply (rule GEN) apply (fact AOT)
4453      by (fact "cqt:2[concrete]"[axiom_inst])
4454  qed
4455qed
4456
4457AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4458proof(rule "≡I"; rule "→I")
4459  AOT_assume NonContingent0(p)
4460  AOT_hence Necessary0(p)  Impossible0(p)
4461    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4462  moreover {
4463    AOT_assume Necessary0(p)
4464    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4465    AOT_have ¬((p)-)
4466      by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4467         (auto simp add: 1 "thm-relation-negation:4")
4468    AOT_hence Impossible0(((p)-))
4469      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4470  }
4471  moreover {
4472    AOT_assume Impossible0(p)
4473    AOT_hence 1: ¬p
4474      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4475    AOT_have ((p)-)
4476      by (AOT_subst "«((p)-)»" "«¬p»") 
4477         (auto simp: 1 "thm-relation-negation:3")
4478    AOT_hence Necessary0(((p)-))
4479      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4480  }
4481  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4482    using "∨E"(1) "∨I" "→I" by metis
4483  AOT_thus NonContingent0(((p)-))
4484    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4485next
4486  AOT_assume NonContingent0(((p)-))
4487  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4488    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4489  moreover {
4490    AOT_assume Impossible0(((p)-))
4491    AOT_hence 1: ¬((p)-)
4492      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4493    AOT_have p
4494      by (AOT_subst_rev "«¬((p)-)»" "AOT_term_of_var p")
4495         (auto simp: 1 "thm-relation-negation:4")
4496    AOT_hence Necessary0(p)
4497      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4498  }
4499  moreover {
4500    AOT_assume Necessary0(((p)-))
4501    AOT_hence 1: ((p)-)
4502      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4503    AOT_have ¬p
4504      by (AOT_subst_rev "«((p)-)»" "«¬p»")
4505         (auto simp: 1 "thm-relation-negation:3")
4506    AOT_hence Impossible0(p)
4507      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4508  }
4509  ultimately AOT_have Necessary0(p)  Impossible0(p)
4510    using "∨E"(1) "∨I" "→I" by metis
4511  AOT_thus NonContingent0(p)
4512    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4513qed
4514
4515AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4516proof -
4517  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4518    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4519  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4520    by (fact AOT)
4521  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4522    by (fact AOT)
4523  also AOT_have   φ & ¬φ
4524    apply (AOT_subst "«φ»" "«¬¬φ»")
4525     apply (simp add: "conventions:5" "≡Df")
4526    apply (AOT_subst "«Impossible0(φ)»" "«¬φ»")
4527     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4528    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
4529     apply (simp add: "KBasic:11")
4530    apply (AOT_subst "«Necessary0(φ)»" "«φ»")
4531     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4532    by (simp add: "oth-class-taut:3:a")
4533  finally show ?thesis.
4534qed
4535
4536AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4537proof -
4538  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4539  also AOT_have   ¬p & p by (fact AOT)
4540  also AOT_have   ((p)-) & p
4541    by (AOT_subst "«((p)-)»" "«¬p»")
4542       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4543  also AOT_have   ((p)-) & ¬((p)-)
4544    by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4545       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4546  also AOT_have   Contingent0(((p)-))
4547    using "thm-cont-propos:2"[symmetric] by blast
4548  finally show ?thesis.
4549qed
4550
4551AOT_define noncontingent_prop :: ‹φ› ("p0")
4552  p0_def: "(p0) =df (x (E!x  E!x))"
4553
4554AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4555proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4556  AOT_show (p0)
4557    apply (rule "=dfI"(2)[OF p0_def])
4558    using "log-prop-prop:2" apply simp
4559    using "if-p-then-p" RN GEN by fast
4560qed
4561
4562AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4563proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4564  AOT_show ¬((p0)-)
4565    apply (AOT_subst "«((p0)-)»" "«¬p0»")
4566    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4567    apply (AOT_subst_rev "«p0»" "«¬¬p0»" )
4568     apply (simp add: "oth-class-taut:3:b")
4569    apply (rule "=dfI"(2)[OF p0_def])
4570    using "log-prop-prop:2" apply simp
4571    using "if-p-then-p" RN GEN by fast
4572qed
4573
4574AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4575  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4576  using "thm-noncont-propos:1" "∨I" by blast
4577
4578AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4579  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4580  using "thm-noncont-propos:2" "∨I" by blast
4581
4582AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4583proof(rule "∃I")+
4584  AOT_have 0: φ  (φ)- for φ
4585    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4586  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4587    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4588qed(auto simp: "log-prop-prop:2")
4589
4590AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4591proof(rule "raa-cor:2")
4592  AOT_assume x(E!x & ¬𝒜E!x)
4593  then AOT_obtain a where a: E!a & ¬𝒜E!a
4594    using "∃E"[rotated] by blast
4595  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4596  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4597  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4598  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4599qed
4600
4601AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4602proof(rule "raa-cor:2")
4603  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4604  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4605    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4606  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4607  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4608  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4609  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4610  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4611qed
4612
4613AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4614proof (rule RAA(1))
4615  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4616next
4617  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4618  AOT_hence x (E!x & ¬𝒜E!x)
4619    using "KBasic:12"[THEN "≡E"(2)] by blast
4620  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4621    using "nec-imp-act"[THEN "→E"] by blast
4622qed
4623
4624AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4625proof -
4626  AOT_obtain a where (E!a & ¬𝒜E!a)
4627    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4628  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4629  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4630  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4631  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4632  thus ?thesis using "∃I" by fast
4633qed
4634
4635AOT_define contingent_prop :: φ ("q0")
4636  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4637
4638AOT_theorem q0_prop: q0 & ¬q0
4639  apply (rule "=dfI"(2)[OF q0_def])
4640  apply (fact "log-prop-prop:2")
4641  apply (rule "&I")
4642   apply (fact "qml:4"[axiom_inst])
4643  by (fact "pos-not-pna:2")
4644
4645AOT_theorem "basic-prop:1": Contingent0((q0))
4646proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4647  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4648  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4649    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4650    AOT_hence x (E!x & ¬𝒜E!x)
4651      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4652    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4653      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4654    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4655      using "pos-not-pna:1" "&I" by blast
4656  next
4657    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4658    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4659      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4660    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4661    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4662      using "qml:4"[axiom_inst] "&I" by blast
4663  qed
4664  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4665    using "oth-class-taut:5:d" "≡E"(2) by blast
4666qed
4667
4668AOT_theorem "basic-prop:2": p Contingent0((p))
4669  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4670
4671AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4672  apply (AOT_subst "«(q0)-»" "«¬q0»")
4673   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4674  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4675  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4676  apply (rule "&I")
4677   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4678   apply (rule "conventions:5"[THEN "≡dfE"])
4679   apply (rule "=dfE"(2)[OF q0_def])
4680    apply (rule "log-prop-prop:2")
4681   apply (rule q0_prop[THEN "&E"(1)])
4682  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4683  apply (rule "conventions:5"[THEN "≡dfE"])
4684  by (rule q0_prop[THEN "&E"(2)])
4685
4686AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4687proof(rule "∃I")+
4688  AOT_have 0: φ  (φ)- for φ
4689    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4690  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4691    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4692qed(auto simp: "log-prop-prop:2")
4693
4694AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4695proof(rule "→I"; rule "raa-cor:2")
4696  AOT_assume NonContingent0(p)
4697  AOT_hence 1: Necessary0(p)  Impossible0(p)
4698    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4699  AOT_assume q (Contingent0(q) & q = p)
4700  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4701  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4702  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4703    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4704qed
4705
4706AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4707proof(rule "→I"; rule "raa-cor:2")
4708  AOT_assume Contingent0(p)
4709  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4710    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4711  AOT_assume q (NonContingent0(q) & q = p)
4712  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4713  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4714  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4715    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4716qed
4717
4718AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4719proof -
4720  {
4721    fix χ φ ψ
4722    AOT_assume χ{φ}
4723    moreover AOT_assume ¬χ{ψ}
4724    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4725      using RAA "≡E" by metis
4726    moreover {
4727      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4728        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4729      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4730        using "∀E" "log-prop-prop:2" by blast
4731    }
4732    ultimately AOT_have φ  ψ
4733      using "→E" by blast
4734  } note 0 = this
4735  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4736    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4737  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4738    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4739    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4740  show ?thesis
4741    apply (rule "&I")+
4742    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4743       apply (rule 0)
4744    using "thm-noncont-propos:3" apply fast
4745       apply (rule not_noncontingent_if_contingent)
4746       apply (fact AOT)
4747      apply (rule 0)
4748    apply (rule "thm-noncont-propos:3")
4749      apply (rule not_noncontingent_if_contingent)
4750      apply (rule contingent_neg[THEN "≡E"(1)])
4751      apply (fact AOT)
4752     apply (rule 0)
4753    apply (rule "thm-noncont-propos:4")
4754      apply (rule not_noncontingent_if_contingent)
4755      apply (rule contingent_neg[THEN "≡E"(1)])
4756     apply (fact AOT)
4757    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4758qed
4759
4760AOT_define "cont-tf:1" :: ‹φ  φ› ("ContingentlyTrue'(_')")
4761  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4762
4763AOT_define "cont-tf:2" :: ‹φ  φ› ("ContingentlyFalse'(_')")
4764  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4765
4766AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4767proof(rule "→I")
4768  AOT_assume ContingentlyTrue((p))
4769  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4770  AOT_have ¬Necessary0((p))
4771    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4772    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4773  moreover AOT_have ¬Impossible0((p))
4774    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4775    apply (rule "conventions:5"[THEN "≡dfE"])
4776    using "T◇"[THEN "→E", OF 1].
4777  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4778    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4779  AOT_thus Contingent0((p))
4780    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4781qed
4782
4783AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4784proof(rule "→I")
4785  AOT_assume ContingentlyFalse((p))
4786  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4787  AOT_have ¬Necessary0((p))
4788    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4789    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4790  moreover AOT_have ¬Impossible0((p))
4791    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4792    apply (rule "conventions:5"[THEN "≡dfE"])
4793    using 2.
4794  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4795    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4796  AOT_thus Contingent0((p))
4797    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4798qed
4799
4800AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4801proof(rule "≡I"; rule "→I")
4802  AOT_assume ContingentlyTrue((p))
4803  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4804  AOT_have 1: ContingentlyFalse(¬p)
4805    apply (rule "cont-tf:2"[THEN "≡dfI"])
4806    apply (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4807    by (auto simp: "oth-class-taut:3:b" 0)
4808  AOT_show ContingentlyFalse(((p)-))
4809    apply (AOT_subst "«(p)-»" "«¬p»")
4810    by (auto simp: "thm-relation-negation:3" 1)
4811next
4812  AOT_assume 1: ContingentlyFalse(((p)-))
4813  AOT_have ContingentlyFalse(¬p)
4814    by (AOT_subst_rev "«(p)-»" "«¬p»")
4815       (auto simp: "thm-relation-negation:3" 1)
4816  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4817  AOT_hence p & ¬p
4818    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4819  AOT_thus ContingentlyTrue((p))
4820    using "cont-tf:1"[THEN "≡dfI"] by blast
4821qed
4822
4823AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4824proof(rule "≡I"; rule "→I")
4825  AOT_assume ContingentlyFalse(p)
4826  AOT_hence 0: ¬p & p
4827    using "cont-tf:2"[THEN "≡dfE"] by blast
4828  AOT_have ¬p & ¬¬p
4829    by (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4830       (auto simp: "oth-class-taut:3:b" 0)
4831  AOT_hence 1: ContingentlyTrue(¬p)
4832    by (rule "cont-tf:1"[THEN "≡dfI"])
4833  AOT_show ContingentlyTrue(((p)-))
4834    by (AOT_subst "«(p)-»" "«¬p»")
4835       (auto simp: "thm-relation-negation:3" 1)
4836next
4837  AOT_assume 1: ContingentlyTrue(((p)-))
4838  AOT_have ContingentlyTrue(¬p)
4839    by (AOT_subst_rev "«(p)-»" "«¬p»")
4840       (auto simp add: "thm-relation-negation:3" 1)
4841  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4842  AOT_have p
4843    by (AOT_subst "AOT_term_of_var p" "«¬¬p»")
4844       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4845  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4846  AOT_thus ContingentlyFalse(p)
4847    by (rule "cont-tf:2"[THEN "≡dfI"])
4848qed
4849
4850AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4851proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4852  AOT_assume ContingentlyTrue((p))
4853  AOT_hence ¬p
4854    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4855  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4856  AOT_assume Necessary0((q))
4857  moreover AOT_assume ¬(p  q)
4858  AOT_hence p = q
4859    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4860          "useful-tautologies:1"[THEN "→E"] by blast
4861  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4862  AOT_hence p
4863    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4864  AOT_thus p & ¬p using 0 "&I" by blast
4865qed
4866
4867AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4868proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4869  AOT_assume ContingentlyFalse((p))
4870  AOT_hence p
4871    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4872  AOT_hence 1: ¬¬p
4873    using "conventions:5"[THEN "≡dfE"] by blast
4874  AOT_assume Impossible0((q))
4875  moreover AOT_assume ¬(p  q)
4876  AOT_hence p = q
4877    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4878          "useful-tautologies:1"[THEN "→E"] by blast
4879  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
4880  AOT_hence ¬p
4881    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4882  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
4883qed
4884
4885AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
4886  apply (rule "cont-tf:2"[THEN "≡dfI"])
4887  apply (rule "=dfI"(2)[OF q0_def])
4888   apply (fact "log-prop-prop:2")
4889  apply (rule "&I")
4890   apply (fact "no-cnac")
4891  by (fact "qml:4"[axiom_inst])
4892
4893AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
4894  apply (rule "cont-tf:1"[THEN "≡dfI"])
4895  apply (rule "=dfI"(2)[OF q0_def])
4896   apply (fact "log-prop-prop:2")
4897  apply (rule "&I")
4898     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
4899     apply (fact "no-cnac")
4900    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
4901  apply (AOT_subst_rev "«x (E!x & ¬𝒜E!x)»" "«¬¬(x  (E!x & ¬𝒜E!x))»")
4902  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
4903
4904(* TODO: q0cf-rem skipped for now *)
4905
4906AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
4907proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4908  AOT_assume q0
4909  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4910  AOT_thus ContingentlyTrue(q0)
4911    by (rule "cont-tf:1"[THEN "≡dfI"])
4912next
4913  AOT_assume ¬q0
4914  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4915  AOT_hence ContingentlyFalse(q0)
4916    by (rule "cont-tf:2"[THEN "≡dfI"])
4917  AOT_thus ContingentlyTrue(((q0)-))
4918    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4919qed(auto simp: "log-prop-prop:2")
4920
4921
4922AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
4923proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4924  AOT_assume q0
4925  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4926  AOT_hence ContingentlyTrue(q0)
4927    by (rule "cont-tf:1"[THEN "≡dfI"])
4928  AOT_thus ContingentlyFalse(((q0)-))
4929    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4930next
4931  AOT_assume ¬q0
4932  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4933  AOT_thus ContingentlyFalse(q0)
4934    by (rule "cont-tf:2"[THEN "≡dfI"])
4935qed(auto simp: "log-prop-prop:2")
4936
4937(* TODO: inspect modally strict subproof involving obtained variable *)
4938AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
4939proof -
4940  fix x
4941  AOT_obtain p1 where ContingentlyTrue((p1))
4942    using "cont-tf-thm:1" "∃E"[rotated] by blast
4943  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
4944  AOT_modally_strict {
4945    AOT_have for arbitrary p:  (z p]x  p)
4946      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4947    AOT_hence for arbitrary p:   (z p]x  p)
4948      by (rule RN)
4949    AOT_hence p (z p]x  p) using GEN by fast
4950    AOT_hence (z p1]x  p1) using "∀E" by fast
4951  } note 2 = this
4952  AOT_hence (z p1]x  p1) using "∀E" by blast
4953  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4954  moreover AOT_have ¬z p1]x
4955    apply (AOT_subst_using subst: 2[THEN "qml:2"[axiom_inst, THEN "→E"]])
4956    using 1[THEN "&E"(2)] by blast
4957  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
4958  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
4959  moreover AOT_have z p1] by "cqt:2[lambda]"
4960  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
4961qed
4962
4963(* TODO: inspect modally strict subproof involving obtained variable *)
4964AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
4965proof -
4966  fix x
4967  AOT_obtain p1 where ContingentlyFalse((p1))
4968    using "cont-tf-thm:2" "∃E"[rotated] by blast
4969  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
4970  AOT_modally_strict {
4971    AOT_have for arbitrary p:  (z p]x  p)
4972      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4973    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4974      using "oth-class-taut:4:b" "≡E" by blast
4975    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4976      by (rule RN)
4977    AOT_hence p (¬z p]x  ¬p) using GEN by fast
4978    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
4979  } note 2 = this
4980  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
4981  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4982  AOT_modally_strict {
4983    AOT_have for arbitrary p:  (z p]x  p)
4984      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4985    AOT_hence for arbitrary p:  (z p]x  p)
4986      by (rule RN)
4987    AOT_hence p (z p]x  p) using GEN by fast
4988    AOT_hence (z p1]x  p1) using "∀E" by fast
4989  } note 4 = this
4990  AOT_have z p1]x
4991    apply (AOT_subst_using subst: 4[THEN "qml:2"[axiom_inst, THEN "→E"]])
4992    using 1[THEN "&E"(2)] by blast
4993  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
4994  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
4995  moreover AOT_have z p1] by "cqt:2[lambda]"
4996  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
4997qed
4998
4999context
5000begin
5001
5002private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5003    apply (rule "=dfI"(2)[OF L_def])
5004     apply "cqt:2[lambda]"
5005    apply (rule "beta-C-meta"[THEN "→E"])
5006  by "cqt:2[lambda]"
5007
5008private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5009    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5010
5011private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5012proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5013  fix x
5014  AOT_assume 1: φ
5015  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5016  also AOT_have   φ
5017    using "if-p-then-p" 1 "≡I" "→I" by simp
5018  also AOT_have   z φ]x
5019    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5020  finally AOT_show [L]x  z φ]x.
5021next
5022  fix x
5023  AOT_assume x([L]x  z φ]x)
5024  AOT_hence [L]x  z φ]x using "∀E" by blast
5025  also AOT_have   φ using eqnotnec_123_Aux_ω.
5026  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5027  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5028  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5029qed
5030private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5031                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5032                      THEN "RM◇"]
5033private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5034
5035AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5036proof-
5037  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5038  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5039  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5040    apply - apply (rule "&I")
5041    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5042  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5043    by (rule "∃I") "cqt:2[lambda]"
5044  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5045    apply (rule "∃I")
5046    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5047qed
5048
5049AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5050proof-
5051  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5052  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5053  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5054    apply - apply (rule "&I")
5055    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5056  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5057    by (rule "∃I") "cqt:2[lambda]"
5058  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5059    apply (rule "∃I")
5060    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5061qed
5062
5063AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5064proof-
5065  AOT_have ¬𝒜q0
5066    apply (rule "=dfI"(2)[OF q0_def])
5067     apply (fact "log-prop-prop:2")
5068    by (fact AOT)
5069  AOT_hence 𝒜¬q0
5070    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5071  AOT_hence 𝒜¬x ([L]x  z q0]x)
5072    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5073            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5074            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5075  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5076  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5077  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5078    by (rule "∃I") "cqt:2[lambda]"
5079  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5080    apply (rule "∃I")
5081    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5082qed
5083
5084end
5085
5086(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5087   assumptions! *)
5088AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5089proof(rule GEN)
5090  fix F
5091
5092  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5093  proof(rule "→I"; rule GEN)
5094    AOT_modally_strict {
5095    fix x
5096    AOT_assume 0: ψ
5097    AOT_have z [F]z & ψ]x  [F]x & ψ
5098      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5099    also AOT_have ...  [F]x
5100      apply (rule "≡I"; rule "→I")
5101      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5102      using 0 "&I" by blast
5103    finally AOT_show [F]x  z [F]z & ψ]x
5104      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5105    }
5106  qed
5107
5108  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5109  proof (rule "→I"; rule GEN)
5110    AOT_modally_strict {
5111      fix x
5112      AOT_assume 0: ψ
5113      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5114        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5115      also AOT_have ...  [F]x
5116        apply (rule "≡I"; rule "→I")
5117        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5118        apply (rule "∨I"(1)) using 0 "&I" by blast
5119      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5120        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5121    }
5122  qed
5123
5124  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5125  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5126  AOT_modally_strict {
5127      AOT_assume 0: ¬ψ
5128      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5129      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5130      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5131          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5132      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5133        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5134      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5135        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5136      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5137      ultimately AOT_have ψ using "≡E" "&E" by metis
5138      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5139    }
5140  qed
5141
5142  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5143  proof (rule "→I")
5144    AOT_assume A: z([F]z  z [F]z & ψ]z)
5145    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5146    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5147          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5148          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5149      AOT_modally_strict {
5150        AOT_assume z ([F]z  z [F]z & ψ]z)
5151        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5152        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5153        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5154        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5155        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5156      }
5157    next
5158      AOT_modally_strict {
5159        AOT_assume z ([F]z  z [F]z & ψ]z)
5160        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5161        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5162        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5163        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5164        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5165      }
5166    qed(auto simp: A)
5167  qed
5168
5169  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5170  {
5171    AOT_assume 1: x([F]x  z [F]z & p1]x)
5172    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5173      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5174    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5175      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5176    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5177      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5178    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5179    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5180      by (rule "∃I"(1)) "cqt:2[lambda]"
5181  }
5182  moreover {
5183    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5184    AOT_hence ¬x([F]x  z [F]z & p1]x)
5185      using "KBasic:11"[THEN "≡E"(1)] by blast
5186    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5187      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5188    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5189      by (rule "∃I"(1)) "cqt:2[lambda]"
5190  }
5191  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5192    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5193qed
5194
5195AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5196proof(rule GEN)
5197  fix F
5198
5199  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5200  proof(rule "RM◇"; rule "→I"; rule GEN)
5201    AOT_modally_strict {
5202    fix x
5203    AOT_assume 0: ψ
5204    AOT_have z [F]z & ψ]x  [F]x & ψ
5205      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5206    also AOT_have ...  [F]x
5207      apply (rule "≡I"; rule "→I")
5208      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5209      using 0 "&I" by blast
5210    finally AOT_show [F]x  z [F]z & ψ]x
5211      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5212    }
5213  qed
5214
5215  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5216  proof (rule "RM◇"; rule "→I"; rule GEN)
5217    AOT_modally_strict {
5218      fix x
5219      AOT_assume 0: ψ
5220      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5221        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5222      also AOT_have ...  [F]x
5223        apply (rule "≡I"; rule "→I")
5224        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5225        apply (rule "∨I"(1)) using 0 "&I" by blast
5226      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5227        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5228    }
5229  qed
5230
5231  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5232  proof(rule "→I"; rule "raa-cor:2")
5233  AOT_modally_strict {
5234      AOT_assume 0: ¬ψ
5235      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5236      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5237      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5238          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5239      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5240        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5241      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5242        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5243      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5244      ultimately AOT_have ψ using "≡E" "&E" by metis
5245      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5246    }
5247  qed
5248
5249  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5250  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5251    AOT_modally_strict {
5252      AOT_assume z ([F]z  z [F]z & ψ]z)
5253      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5254      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5255      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5256      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5257      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5258    }
5259  next
5260    AOT_modally_strict {
5261      AOT_assume z ([F]z  z [F]z & ψ]z)
5262      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5263      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5264      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5265      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5266      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5267    }
5268  qed
5269
5270  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5271  {
5272    AOT_assume 1: x([F]x  z [F]z & p1]x)
5273    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5274      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5275    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5276      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5277    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5278      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5279    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5280    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5281      by (rule "∃I"(1)) "cqt:2[lambda]"
5282  }
5283  moreover {
5284    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5285    AOT_hence ¬x([F]x  z [F]z & p1]x)
5286      using "KBasic:11"[THEN "≡E"(1)] by blast
5287    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5288      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5289    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5290      by (rule "∃I"(1)) "cqt:2[lambda]"
5291  }
5292  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5293    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5294qed
5295
5296AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5297proof(rule GEN)
5298  fix F
5299
5300  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5301  proof(rule "RM◇"; rule "→I"; rule GEN)
5302    AOT_modally_strict {
5303    fix x
5304    AOT_assume 0: ψ
5305    AOT_have z [F]z & ψ]x  [F]x & ψ
5306      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5307    also AOT_have ...  [F]x
5308      apply (rule "≡I"; rule "→I")
5309      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5310      using 0 "&I" by blast
5311    finally AOT_show [F]x  z [F]z & ψ]x
5312      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5313    }
5314  qed
5315
5316  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5317  proof (rule "RM◇"; rule "→I"; rule GEN)
5318    AOT_modally_strict {
5319      fix x
5320      AOT_assume 0: ψ
5321      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5322        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5323      also AOT_have ...  [F]x
5324        apply (rule "≡I"; rule "→I")
5325        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5326        apply (rule "∨I"(1)) using 0 "&I" by blast
5327      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5328        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5329    }
5330  qed
5331
5332  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5333  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5334  AOT_modally_strict {
5335      AOT_assume 0: ¬ψ
5336      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5337      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5338      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5339          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5340      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5341        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5342      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5343        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5344      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5345      ultimately AOT_have ψ using "≡E" "&E" by metis
5346      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5347    }
5348  qed
5349
5350  AOT_have Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5351  proof (rule "→I"; rule "Act-Basic:5"[THEN "≡E"(1)])
5352    AOT_assume 𝒜z ([F]z  z [F]z & ψ]z)
5353    AOT_thus 𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))
5354    proof (rule "RA[3]"[where Γ="{«z ([F]z  z [F]z & ψ]z)»}", simplified, rotated])
5355      AOT_modally_strict {
5356        AOT_assume z ([F]z  z [F]z & ψ]z)
5357        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5358          apply -
5359        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5360        AOT_modally_strict {
5361          AOT_assume z ([F]z  z [F]z & ψ]z)
5362          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5363          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5364          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5365          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5366          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5367        }
5368      next
5369        AOT_modally_strict {
5370          AOT_assume z ([F]z  z [F]z & ψ]z)
5371          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5372          AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5373          AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5374          AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5375          AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5376        }
5377      qed
5378      }
5379    qed
5380  qed
5381
5382  AOT_have ¬𝒜q0
5383    apply (rule "=dfI"(2)[OF q0_def])
5384     apply (fact "log-prop-prop:2")
5385    by (fact AOT)
5386  AOT_hence q0_prop_1: 𝒜¬q0
5387    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5388  {
5389    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5390    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5391      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5392    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5393      using Aux_C[THEN "→E", OF q0_prop_1].
5394    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5395      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5396    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5397    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5398      by (rule "∃I"(1)) "cqt:2[lambda]"
5399  }
5400  moreover {
5401    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5402    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5403      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5404    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5405      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5406    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5407      by (rule "∃I"(1)) "cqt:2[lambda]"
5408  }
5409  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5410    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5411qed
5412
5413AOT_theorem "oa-contingent:1": O!  A!
5414proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5415  fix x
5416  AOT_assume 1: O! = A!
5417  AOT_hence x E!x] = A!
5418    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5419  AOT_hence x E!x] = x ¬E!x]
5420    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5421  moreover AOT_have x E!x]x  E!x
5422    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5423  ultimately AOT_have x ¬E!x]x  E!x
5424    using "rule=E" by fast
5425  moreover AOT_have x ¬E!x]x  ¬E!x
5426    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5427  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5428  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5429qed
5430
5431AOT_theorem "oa-contingent:2": O!x  ¬A!x
5432proof -
5433  AOT_have O!x  x E!x]x
5434    apply (rule "≡I"; rule "→I")
5435     apply (rule "=dfE"(2)[OF AOT_ordinary])
5436      apply "cqt:2[lambda]"
5437     apply argo
5438    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5439     apply "cqt:2[lambda]"
5440    by argo
5441  also AOT_have   E!x
5442    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5443  also AOT_have   ¬¬E!x
5444    using "oth-class-taut:3:b".
5445  also AOT_have   ¬x ¬E!x]x
5446    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5447  also AOT_have   ¬A!x
5448    apply (rule "≡I"; rule "→I")
5449     apply (rule "=dfI"(2)[OF AOT_abstract])
5450      apply "cqt:2[lambda]"
5451     apply argo
5452    apply (rule "=dfE"(2)[OF AOT_abstract])
5453     apply "cqt:2[lambda]"
5454    by argo
5455  finally show ?thesis.
5456qed
5457
5458AOT_theorem "oa-contingent:3": A!x  ¬O!x
5459  by (AOT_subst "«A!x»" "«¬¬A!x»")
5460     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5461
5462AOT_theorem "oa-contingent:4": Contingent(O!)
5463proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5464  AOT_have x E!x using "thm-cont-e:3" .
5465  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5466  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5467  AOT_hence x E!x]a
5468    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5469  AOT_hence O!a
5470    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5471  AOT_hence x O!x using "∃I" by blast
5472  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5473next
5474  AOT_obtain a where A!a
5475    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5476  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5477  AOT_hence x ¬O!x using "∃I" by fast
5478  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5479qed
5480
5481AOT_theorem "oa-contingent:5": Contingent(A!)
5482proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5483  AOT_obtain a where A!a
5484    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5485  AOT_hence x A!x using "∃I" by fast
5486  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5487next
5488  AOT_have x E!x using "thm-cont-e:3" .
5489  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5490  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5491  AOT_hence x E!x]a
5492    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5493  AOT_hence O!a
5494    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5495  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5496  AOT_hence x ¬A!x using "∃I" by fast
5497  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5498qed
5499
5500AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5501proof -
5502  AOT_have O!x  ¬A!x
5503    using "oa-contingent:2" by blast
5504  also AOT_have   A!-x
5505    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5506  finally AOT_have 1: O!x  A!-x.
5507
5508  AOT_have A!x  ¬O!x
5509    using "oa-contingent:3" by blast
5510  also AOT_have   O!-x
5511    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5512  finally AOT_have 2: A!x  O!-x.
5513
5514  AOT_show O!-x  ¬A!-x
5515    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5516          "≡E"(5) by blast
5517qed
5518
5519AOT_theorem "oa-contingent:6": O!-  A!-
5520proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5521  AOT_assume 1: O!- = A!-
5522  fix x
5523  AOT_have A!-x  O!-x
5524    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5525  AOT_hence A!-x  ¬A!-x
5526    using "oa-contingent:7" "≡E" by fast
5527  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5528qed
5529
5530AOT_theorem "oa-contingent:8": Contingent(O!-)
5531  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5532
5533AOT_theorem "oa-contingent:9": Contingent(A!-)
5534  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5535
5536AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5537  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5538
5539AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5540proof -
5541  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5542    using "df-cont-nec"[THEN "≡Df"] by blast
5543  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5544    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5545    using "thm-cont-prop:3".
5546  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5547  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5548    fix x
5549    AOT_assume 0: x ([F]x  [F]x)
5550    AOT_assume 1: [F]-x
5551    AOT_have ¬[F]x
5552      by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5553         (auto simp add: "thm-relation-negation:1" 1)
5554    AOT_hence 2: ¬[F]x
5555      using "KBasic:11"[THEN "≡E"(2)] by blast
5556    AOT_show [F]-x
5557    proof (rule "raa-cor:1")
5558      AOT_assume 3: ¬[F]-x
5559      AOT_have ¬¬[F]x
5560        by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5561           (auto simp add: "thm-relation-negation:1" 3)
5562      AOT_hence [F]x
5563        using "conventions:5"[THEN "≡dfI"] by simp
5564      AOT_hence [F]x using 0 "∀E" "→E" by fast
5565      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5566    qed
5567  next
5568    fix x
5569    AOT_assume 0: x ([F]-x  [F]-x)
5570    AOT_assume 1: [F]x
5571    AOT_have ¬[F]-x
5572      by (AOT_subst "«¬[F]-x»" "«[F]x»")
5573         (auto simp: "thm-relation-negation:2" 1)
5574    AOT_hence 2: ¬[F]-x
5575      using "KBasic:11"[THEN "≡E"(2)] by blast
5576    AOT_show [F]x
5577    proof (rule "raa-cor:1")
5578      AOT_assume 3: ¬[F]x
5579      AOT_have ¬¬[F]-x
5580        by (AOT_subst "«¬[F]-x»" "«[F]x»")
5581           (auto simp add: "thm-relation-negation:2" 3)
5582      AOT_hence [F]-x
5583        using "conventions:5"[THEN "≡dfI"] by simp
5584      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5585      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5586    qed
5587  qed
5588  also AOT_have   WeaklyContingent([F]-)
5589    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5590  finally show ?thesis.
5591qed
5592
5593AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5594proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5595  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5596  AOT_hence WeaklyContingent([F]) using "&E" by blast
5597  moreover AOT_assume F = G
5598  ultimately AOT_have WeaklyContingent([G])
5599    using "rule=E" by blast
5600  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5601    using 1 "&I" "&E" by blast
5602qed
5603
5604AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5605proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5606  AOT_show Contingent(O!)
5607    using "oa-contingent:4".
5608next
5609  AOT_show x ([O!]x  [O!]x)
5610    apply (rule GEN; rule "→I")
5611    using "oa-facts:5"[THEN "≡E"(1)] by blast
5612qed
5613
5614
5615AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5616proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5617  AOT_show Contingent(A!)
5618    using "oa-contingent:5".
5619next
5620  AOT_show x ([A!]x  [A!]x)
5621    apply (rule GEN; rule "→I")
5622    using "oa-facts:6"[THEN "≡E"(1)] by blast
5623qed
5624
5625AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5626proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5627       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5628  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5629  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5630  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5631  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5632  moreover AOT_assume x ([E!]x  [E!]x)
5633  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5634  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5635  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5636  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5637  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5638  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5639qed
5640
5641AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5642  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5643       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5644  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5645  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5646  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5647
5648(* TODO: cleanup *)
5649AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5650proof -
5651  AOT_have 1: L
5652    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5653  {
5654    fix φ and Π and Π'
5655    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5656    proof (rule "raa-cor:2")
5657      AOT_assume φ{Π'}  φ{Π}
5658      AOT_hence φ{Π'} using that(1) "≡E" by blast
5659      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5660    qed
5661    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5662      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5663  } note 0 = this
5664  show ?thesis
5665    apply(safe intro!: "&I"; rule 0)
5666    using "cqt:2[concrete]"[axiom_inst] apply blast
5667    using "oa-exist:1" apply blast
5668    using "cont-nec-fact2:3" apply fast
5669    apply (rule "useful-tautologies:2"[THEN "→E"])
5670    using "cont-nec-fact2:1" apply fast
5671    using "rel-neg-T:3" apply fast
5672    using "oa-exist:1" apply blast
5673    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5674    apply (rule "useful-tautologies:2"[THEN "→E"])
5675    using "cont-nec-fact2:1" apply blast
5676    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5677    using "oa-exist:1" apply fast
5678    using "cont-nec-fact2:4" apply fast
5679    apply (rule "useful-tautologies:2"[THEN "→E"])
5680    using "cont-nec-fact2:1" apply fast
5681    using "rel-neg-T:3" apply fast
5682    using "oa-exist:1" apply fast
5683    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5684    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5685    apply (rule "useful-tautologies:2"[THEN "→E"])
5686    using "cont-nec-fact2:1" by blast
5687qed
5688
5689(* TODO: cleanup together with above *)
5690AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5691proof -
5692  AOT_have 1: L
5693    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5694  {
5695    fix φ and Π and Π'
5696    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5697    proof (rule "raa-cor:2")
5698      AOT_assume φ{Π'}  φ{Π}
5699      AOT_hence φ{Π'} using that(1) "≡E" by blast
5700      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5701    qed
5702    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5703      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5704  } note 0 = this
5705  show ?thesis
5706    apply(safe intro!: "&I"; rule 0)
5707    using "cqt:2[concrete]"[axiom_inst] apply blast
5708    using "oa-exist:2" apply blast
5709    using "cont-nec-fact2:3" apply fast
5710    apply (rule "useful-tautologies:2"[THEN "→E"])
5711    using "cont-nec-fact2:2" apply fast
5712    using "rel-neg-T:3" apply fast
5713    using "oa-exist:2" apply blast
5714    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5715    apply (rule "useful-tautologies:2"[THEN "→E"])
5716    using "cont-nec-fact2:2" apply blast
5717    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5718    using "oa-exist:2" apply fast
5719    using "cont-nec-fact2:4" apply fast
5720    apply (rule "useful-tautologies:2"[THEN "→E"])
5721    using "cont-nec-fact2:2" apply fast
5722    using "rel-neg-T:3" apply fast
5723    using "oa-exist:2" apply fast
5724    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5725    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5726    apply (rule "useful-tautologies:2"[THEN "→E"])
5727    using "cont-nec-fact2:2" by blast
5728qed
5729
5730AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5731  Δp df p  (¬𝒜p & p)
5732
5733AOT_theorem sixteen:
5734 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5735«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5736F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5737F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5738F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5739F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5740F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5741F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5742F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5743F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5744F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5745F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5746F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5747F13  F14 & F13  F15 & F13  F16 &
5748F14  F15 & F14  F16 &
5749F15  F16) 
5750proof -
5751
5752  AOT_have Delta_pos: Δφ  φ for φ
5753  proof(rule "→I")
5754    AOT_assume Δφ
5755    AOT_hence φ  (¬𝒜φ & φ)
5756      using "≡dfE"[OF necessary_or_contingently_false] by blast
5757    moreover {
5758      AOT_assume φ
5759      AOT_hence φ
5760        by (metis "B◇" "T◇" "vdash-properties:10")
5761    }
5762    moreover {
5763      AOT_assume ¬𝒜φ & φ
5764      AOT_hence φ
5765        using "&E" by blast
5766    }
5767    ultimately AOT_show φ
5768      by (metis "∨E"(2) "raa-cor:1") 
5769  qed
5770
5771  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5772    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5773  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5774    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5775  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5776    using Delta_pos "modus-tollens:1" that by blast
5777  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5778    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5779  AOT_have nec_delta: Δφ if φ for φ
5780    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5781
5782  AOT_obtain a where a_prop: A!a
5783    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5784  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5785    using "pos-not-pna:3" using "∃E"[rotated] by blast
5786
5787  AOT_have b_ord: [O!]b
5788  proof(rule "=dfI"(2)[OF AOT_ordinary])
5789    AOT_show x [E!]x] by "cqt:2[lambda]"
5790  next
5791    AOT_show x [E!]x]b
5792    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5793      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5794      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5795    qed
5796  qed
5797
5798  AOT_have nec_not_L_neg: ¬[L-]x for x
5799    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5800          CBF[THEN "→E"] "∀E" by blast
5801  AOT_have nec_L: [L]x for x
5802    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5803      CBF[THEN "→E"] "∀E" by blast
5804
5805  AOT_have act_ord_b: 𝒜[O!]b
5806    using b_ord "≡E"(1) "oa-facts:7" by blast
5807  AOT_have delta_ord_b: Δ[O!]b
5808    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5809  AOT_have not_act_ord_a: ¬𝒜[O!]a
5810    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5811  AOT_have not_delta_ord_a: ¬Δ[O!]a
5812    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5813
5814  AOT_have not_act_abs_b: ¬𝒜[A!]b
5815    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5816  AOT_have not_delta_abs_b: ¬Δ[A!]b
5817  proof(rule "raa-cor:2")
5818    AOT_assume Δ[A!]b
5819    AOT_hence [A!]b
5820      by (metis Delta_pos "vdash-properties:10")
5821    AOT_thus [A!]b & ¬[A!]b
5822      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5823  qed
5824  AOT_have act_abs_a: 𝒜[A!]a
5825    using a_prop "≡E"(1) "oa-facts:8" by blast
5826  AOT_have delta_abs_a: Δ[A!]a
5827      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5828
5829  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5830    using b_prop "&E"(2) by blast
5831  AOT_have delta_concrete_b: Δ[E!]b
5832  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5833    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5834  next
5835    AOT_show [E!]b using b_prop "&E"(1) by blast
5836  qed
5837  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5838  proof (rule "raa-cor:2")
5839    AOT_assume 𝒜[E!]a
5840    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5841    AOT_have [A!]a by (simp add: a_prop)
5842    AOT_hence x ¬[E!]x]a
5843      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5844    AOT_hence ¬[E!]a using "β→C"(1) by blast
5845    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5846  qed
5847  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5848  proof (rule "raa-cor:2")
5849    AOT_assume Δ[E!]a
5850    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5851    AOT_have [A!]a by (simp add: a_prop)
5852    AOT_hence x ¬[E!]x]a
5853      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5854    AOT_hence ¬[E!]a using "β→C"(1) by blast
5855    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5856  qed
5857
5858  AOT_have not_act_q_zero: ¬𝒜q0
5859    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-def:2:a[zero]")
5860  AOT_have delta_q_zero: Δq0
5861  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5862    AOT_show ¬𝒜q0 using not_act_q_zero.
5863    AOT_show q0 by (meson "&E"(1) q0_prop)
5864  qed
5865  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5866  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5867      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5868
5869  AOT_have [L-] by (simp add: "rel-neg-T:3")
5870  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5871  proof (safe intro!: "&I")
5872    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5873    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
5874    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5875    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
5876  qed
5877  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
5878    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5879  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
5880    using "&E" by blast+
5881  note props = this
5882
5883  let  = "«y [A!]y & q0]»"
5884  AOT_modally_strict {
5885    AOT_have [«»] by "cqt:2[lambda]"
5886  } note 1 = this
5887  moreover AOT_have¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
5888  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5889    AOT_show ¬𝒜([A!]b & q0)
5890      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5891  next AOT_show ¬Δ([A!]b & q0)
5892      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
5893  next AOT_show ¬𝒜([A!]a & q0)
5894      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
5895  next AOT_show Δ([A!]a & q0)
5896    proof (rule not_act_and_pos_delta)
5897      AOT_show ¬𝒜([A!]a & q0)
5898        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
5899    next AOT_show ([A!]a & q0)
5900        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
5901    qed
5902  qed
5903  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
5904    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5905  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
5906    using "&E" by blast+
5907  note props = props this
5908
5909  let  = "«y [A!]y & ¬q0]»"
5910  AOT_modally_strict {
5911    AOT_have [«»] by "cqt:2[lambda]"
5912  } note 1 = this
5913  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5914  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5915    AOT_show ¬𝒜([A!]b & ¬q0)
5916      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5917  next AOT_show ¬Δ([A!]b & ¬q0)
5918      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
5919  next AOT_show 𝒜([A!]a & ¬q0)
5920      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5921  next AOT_show ¬Δ([A!]a & ¬q0)
5922    proof (rule act_and_not_nec_not_delta)
5923      AOT_show 𝒜([A!]a & ¬q0)
5924        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5925    next
5926      AOT_show ¬([A!]a & ¬q0)
5927        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
5928    qed
5929  qed
5930  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
5931    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5932  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
5933    using "&E" by blast+
5934  note props = props this
5935
5936  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
5937    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
5938  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
5939    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
5940  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
5941    using "&E" by blast+
5942  note props = props this
5943
5944  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
5945    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
5946  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
5947    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5948  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
5949    using "&E" by blast+
5950  note props = props this
5951
5952  AOT_modally_strict {
5953    AOT_have y q0] by "cqt:2[lambda]"
5954  } note 1 = this
5955  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
5956    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5957       (auto simp: not_act_q_zero delta_q_zero)
5958  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
5959    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5960  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
5961    using "&E" by blast+
5962  note props = props this
5963
5964  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
5965  AOT_modally_strict {
5966    AOT_have [«»] by "cqt:2[lambda]"
5967  } note 1 = this
5968  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5969  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5970    AOT_have 𝒜¬([A!]b & ¬q0)
5971      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
5972                "≡E"(1) "raa-cor:3")
5973    moreover AOT_have ¬𝒜[E!]b
5974      using b_prop "&E"(2) by blast
5975    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
5976      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
5977    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
5978      by (AOT_subst «¬([E!]b  ([A!]b & ¬q0))» «¬[E!]b & ¬([A!]b & ¬q0)»)
5979         (auto simp: "oth-class-taut:5:d" 2)
5980    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
5981      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
5982  next
5983    AOT_show Δ([E!]b  ([A!]b & ¬q0))
5984    proof (rule not_act_and_pos_delta)
5985      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
5986        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
5987    next
5988      AOT_show ([E!]b  ([A!]b & ¬q0))
5989        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
5990    qed
5991  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
5992      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
5993  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
5994    proof (rule act_and_not_nec_not_delta)
5995      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
5996        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
5997    next
5998      AOT_have ¬[E!]a
5999        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6000      moreover AOT_have ¬([A!]a & ¬q0)
6001        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6002      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6003      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6004        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6005      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6006    qed
6007  qed
6008  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6009    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6010  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6011    using "&E" by blast+
6012  note props = props this
6013
6014  let  = "«y [A!]y  [E!]y]»"
6015  AOT_modally_strict {
6016    AOT_have [«»] by "cqt:2[lambda]"
6017  } note 1 = this
6018  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6019  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6020    AOT_show ¬𝒜([A!]b  [E!]b)
6021      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6022  next AOT_show Δ([A!]b  [E!]b)
6023    proof (rule not_act_and_pos_delta)
6024      AOT_show ¬𝒜([A!]b  [E!]b)
6025        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6026    next AOT_show ([A!]b  [E!]b)
6027        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6028    qed
6029  next AOT_show 𝒜([A!]a  [E!]a)
6030      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6031  next AOT_show Δ([A!]a  [E!]a)
6032    proof (rule nec_delta)
6033      AOT_show ([A!]a  [E!]a)
6034        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6035    qed
6036  qed
6037  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6038    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6039  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6040    using "&E" by blast+
6041  note props = props this
6042
6043  let  = "«y [O!]y & ¬[E!]y]»"
6044  AOT_modally_strict {
6045    AOT_have [«»] by "cqt:2[lambda]"
6046  } note 1 = this
6047  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6048  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6049    AOT_show 𝒜([O!]b & ¬[E!]b)
6050      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6051  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6052      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6053                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6054                "≡E"(3) "raa-cor:1" "→E")
6055  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6056      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6057  next AOT_have ¬([O!]a & ¬[E!]a)
6058      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6059    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6060      by (rule impossible_delta)
6061  qed      
6062  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6063    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6064  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6065    using "&E" by blast+
6066  note props = props this
6067
6068  (* TODO_PLM: binary property 9 wrong in PLM *)
6069  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6070  AOT_modally_strict {
6071    AOT_have [«»] by "cqt:2[lambda]"
6072  } note 1 = this
6073  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6074  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6075    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6076      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6077                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6078  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6079    proof (rule act_and_pos_not_not_delta)
6080      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6081        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6082                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6083    next
6084      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6085      proof (AOT_subst «¬(¬[E!]b & ([O!]b  q0))» «[E!]b  ¬([O!]b  q0)»)
6086        AOT_modally_strict {
6087          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6088            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6089        }
6090      next
6091        AOT_show ([E!]b  ¬([O!]b  q0))
6092          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6093       qed
6094     qed
6095   next
6096     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6097       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6098   next
6099     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6100     proof (rule not_act_and_pos_delta)
6101       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6102         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6103     next
6104       AOT_have ¬[E!]a
6105         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6106       moreover AOT_have ([O!]a  q0)
6107         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6108       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6109         by (metis "KBasic:16" "&I" "vdash-properties:10")
6110     qed
6111   qed
6112  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6113    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6114  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6115    using "&E" by blast+
6116  note props = props this
6117
6118  AOT_modally_strict {
6119    AOT_have y ¬q0] by "cqt:2[lambda]"
6120  } note 1 = this
6121  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6122    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1]; auto simp: act_not_q_zero not_delta_not_q_zero)
6123  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6124    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6125  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6126    using "&E" by blast+
6127  note props = props this
6128
6129  AOT_modally_strict {
6130    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6131  } note 1 = this
6132  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6133  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6134    AOT_show 𝒜¬[E!]b
6135      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6136  next AOT_show ¬Δ¬[E!]b
6137      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6138  next AOT_show 𝒜¬[E!]a
6139      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6140  next AOT_show Δ¬[E!]a
6141      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6142  qed
6143  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6144    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6145  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6146    using "&E" by blast+
6147  note props = props this
6148
6149  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6150    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6151  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6152    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6153  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6154    using "&E" by blast+
6155  note props = props this
6156
6157  let  = "«y [O!]y  q0]»"
6158  AOT_modally_strict {
6159    AOT_have [«»] by "cqt:2[lambda]"
6160  } note 1 = this
6161  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6162  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6163    AOT_show 𝒜([O!]b  q0)
6164      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6165  next AOT_show Δ([O!]b  q0)
6166      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6167  next AOT_show ¬𝒜([O!]a  q0)
6168      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6169  next AOT_show Δ([O!]a  q0)
6170    proof (rule not_act_and_pos_delta)
6171      AOT_show ¬𝒜([O!]a  q0)
6172        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6173    next AOT_show ([O!]a  q0)
6174        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6175    qed
6176  qed
6177  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6178    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6179  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6180    using "&E" by blast+
6181  note props = props this
6182
6183  let  = "«y [O!]y  ¬q0]»"
6184  AOT_modally_strict {
6185     AOT_have [«»] by "cqt:2[lambda]"
6186  } note 1 = this
6187  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6188  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6189    AOT_show 𝒜([O!]b  ¬q0)
6190      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6191  next AOT_show Δ([O!]b  ¬q0)
6192      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6193  next AOT_show 𝒜([O!]a  ¬q0)
6194      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6195  next AOT_show ¬Δ([O!]a  ¬q0)
6196    proof(rule act_and_pos_not_not_delta)
6197      AOT_show 𝒜([O!]a  ¬q0)
6198        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6199    next
6200      AOT_have ¬[O!]a
6201        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6202      moreover AOT_have q0
6203        by (meson "&E"(1) q0_prop)
6204      ultimately AOT_have 2: (¬[O!]a & q0)
6205         by (metis "KBasic:16" "&I" "vdash-properties:10")
6206      AOT_show ¬([O!]a  ¬q0)
6207      proof (AOT_subst_rev «¬[O!]a & q0» «¬([O!]a  ¬q0)»)
6208        AOT_modally_strict {
6209          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6210            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6211                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6212        }
6213      next
6214        AOT_show (¬[O!]a & q0)
6215          using "2" by blast
6216      qed
6217    qed
6218  qed
6219  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6220    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6221  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6222    using "&E" by blast+
6223  note props = props this
6224
6225  AOT_have [L]
6226    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6227  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6228  proof (safe intro!: "&I")
6229    AOT_show 𝒜[L]b
6230      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6231    next AOT_show Δ[L]b using nec_L nec_delta by blast
6232    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6233    next AOT_show Δ[L]a using nec_L nec_delta by blast
6234  qed
6235  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6236    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6237  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6238    using "&E" by blast+
6239  note props = props this
6240
6241  show ?thesis
6242    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6243           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6244           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6245           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6246           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6247           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6248       (match conclusion in "[?v  [F]  [G]]" for F G  6249        match props in A: "[?v  ¬φ{F}]" for φ 6250        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6251        match props in B: "[?v  φ{G}]" 6252        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6253                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6254                                OF "Disjunction Addition"(2)[THEN "→E"],
6255                                OF "&I", OF A, OF B]››››)+
6256qed
6257
6258AOT_theorem "o-objects-exist:1": x O!x
6259proof(rule RN)
6260  AOT_modally_strict {
6261    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6262      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6263    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6264    AOT_have x [E!]x]a
6265    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6266      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6267    next
6268      AOT_show E!a by (fact 1)
6269    qed
6270    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6271    AOT_thus x [O!]x by (rule "∃I")
6272  }
6273qed
6274
6275AOT_theorem "o-objects-exist:2": x A!x
6276proof (rule RN)
6277  AOT_modally_strict {
6278    AOT_obtain a where [A!]a
6279      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6280    AOT_thus x A!x using "∃I" by blast
6281  }
6282qed
6283
6284AOT_theorem "o-objects-exist:3": ¬x O!x
6285  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6286
6287AOT_theorem "o-objects-exist:4": ¬x A!x
6288  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6289
6290AOT_theorem "o-objects-exist:5": ¬x E!x
6291proof (rule RN; rule "raa-cor:2")
6292  AOT_modally_strict {
6293    AOT_assume x E!x
6294    moreover AOT_obtain a where abs: A!a
6295      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6296    ultimately AOT_have E!a using "∀E" by blast
6297    AOT_hence 1: E!a by (metis "T◇" "→E")
6298    AOT_have y E!y]a
6299    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6300      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6301    next
6302      AOT_show E!a by (fact 1)
6303    qed
6304    AOT_hence O!a
6305      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6306    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6307    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6308  }
6309qed
6310
6311AOT_theorem partition: ¬x (O!x & A!x)
6312proof(rule "raa-cor:2")
6313  AOT_assume x (O!x & A!x)
6314  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6315  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6316qed
6317
6318AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6319
6320syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6321translations
6322  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6323(* TODO: try to replace by a simple translations pattern *)
6324print_translation6325AOT_syntax_print_translations
6326[(const_syntax‹AOT_exe›, fn ctxt => fn [
6327  Const ("constAOT_PLM.eq_E", _),
6328  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6329] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6330
6331text‹Note: Not explicitly mentioned as theorem in PLM.›
6332AOT_theorem "=E[denotes]": [(=E)]
6333  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6334
6335AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6336proof -
6337  (* TODO: rethink the product hacks *)
6338  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6339    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6340  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6341  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6342    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6343    by fast
6344qed
6345
6346AOT_theorem "=E-simple:2": x =E y  x = y
6347proof (rule "→I")
6348  AOT_assume x =E y
6349  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6350  AOT_thus x = y
6351    using "≡dfI"[OF "identity:1"] "∨I" by blast
6352qed
6353
6354AOT_theorem "id-nec3:1": x =E y  (x =E y)
6355proof (rule "≡I"; rule "→I")
6356  AOT_assume x =E y
6357  AOT_hence O!x & O!y & F ([F]x  [F]y)
6358    using "=E-simple:1" "≡E" by blast
6359  AOT_hence O!x & O!y & F ([F]x  [F]y)
6360    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6361  AOT_hence 1: (O!x & O!y & F ([F]x  [F]y))
6362    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6363  AOT_show (x =E y)
6364    apply (AOT_subst «x =E y» «O!x & O!y & F ([F]x  [F]y)»)
6365     using "=E-simple:1" apply presburger
6366    by (simp add: "1")
6367next
6368  AOT_assume (x =E y)
6369  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6370qed
6371
6372AOT_theorem "id-nec3:2": (x =E y)  x =E y
6373  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6374
6375AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6376  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6377
6378syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6379translations
6380  (Π) "(≠E)" == (Π) "(=E)-"
6381syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6382translations
6383 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6384(* TODO: try replacing be a simple translations pattern *)
6385print_translation6386AOT_syntax_print_translations
6387[(const_syntax‹AOT_exe›, fn ctxt => fn [
6388  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6389  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6390] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6391AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6392proof -
6393  (* TODO: rethink the product hacks *)
6394  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6395    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6396  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6397  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6398    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6399       (meson "oth-class-taut:3:a")
6400  also AOT_have   ¬(=E)xy
6401    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6402     apply "cqt:2[lambda]"
6403    by (fact 0)
6404  finally show ?thesis.
6405qed
6406
6407AOT_theorem "id-nec4:1": x E y  (x E y)
6408proof -
6409  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6410  also AOT_have   ¬(x =E y)
6411    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6412  also AOT_have   ¬(x =E y)
6413    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6414  also AOT_have   (x E y)
6415    by (AOT_subst_rev "«x E y»" "«¬(x =E y)»")
6416       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6417  finally show ?thesis.
6418qed
6419
6420AOT_theorem "id-nec4:2": (x E y)  (x E y)
6421  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6422
6423AOT_theorem "id-nec4:3": (x E y)  (x E y)
6424  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6425
6426AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6427  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6428AOT_theorem "id-act2:2": x E y  𝒜x E y
6429  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6430
6431AOT_theorem "ord=Eequiv:1": O!x  x =E x
6432proof (rule "→I")
6433  AOT_assume 1: O!x
6434  AOT_show x =E x
6435    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6436    apply (rule "β←C"(1))
6437      apply "cqt:2[lambda]"
6438     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6439    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6440qed
6441
6442AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6443proof(rule CP)
6444  AOT_assume 1: x =E y
6445  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6446  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6447  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6448  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6449qed
6450
6451AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6452proof (rule CP)
6453  AOT_assume 1: x =E y & y =E z
6454  AOT_hence x = y & y = z
6455    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6456  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6457  moreover AOT_have x =E x
6458    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6459  ultimately AOT_show x =E z
6460    using "rule=E" by fast
6461qed
6462
6463AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6464proof(rule CP)
6465  AOT_assume O!x  O!y
6466  moreover {
6467    AOT_assume O!x
6468    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6469    moreover {
6470      AOT_modally_strict {
6471        AOT_have O!x  (x = y  x =E y)
6472        proof (rule "→I"; rule "≡I"; rule "→I")
6473          AOT_assume O!x
6474          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6475          moreover AOT_assume x = y
6476          ultimately AOT_show x =E y using "rule=E" by fast
6477        next
6478          AOT_assume x =E y
6479          AOT_thus x = y by (metis "=E-simple:2" "→E")
6480        qed
6481      }
6482      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6483    }
6484    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6485  }
6486  moreover {
6487    AOT_assume O!y
6488    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6489    moreover {
6490      AOT_modally_strict {
6491        AOT_have O!y  (x = y  x =E y)
6492        proof (rule "→I"; rule "≡I"; rule "→I")
6493          AOT_assume O!y
6494          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6495          moreover AOT_assume x = y
6496          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6497        next
6498          AOT_assume x =E y
6499          AOT_thus x = y by (metis "=E-simple:2" "→E")
6500        qed
6501      }
6502      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6503    }
6504    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6505  }
6506  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6507qed
6508
6509AOT_theorem "ord-=E=:2": O!y  x x = y]
6510proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6511  AOT_show x x =E y] by "cqt:2[lambda]"
6512next
6513  AOT_assume O!y
6514  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6515  AOT_have (x =E y  x = y) for x
6516    by (AOT_subst «x =E y  x = y» «x = y  x =E y»)
6517       (auto simp add: "Commutativity of ≡" 1)
6518  AOT_hence x (x =E y  x = y) by (rule GEN)
6519  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6520qed
6521
6522
6523AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6524proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6525  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6526next
6527  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6528  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6529    AOT_modally_strict {
6530      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6531        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6532                  "modus-tollens:1" "raa-cor:1" that)
6533    }
6534  next
6535    AOT_modally_strict {
6536      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6537        apply(safe intro!: "&I")
6538          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6539         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6540        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6541              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6542    }
6543  qed
6544qed
6545
6546AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6547proof(rule "→I")
6548  AOT_assume F ([F]x  [F]y)
6549  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6550  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6551    using "∀E" by blast
6552  moreover AOT_have x F ([F]x  [F]y)]y
6553    apply (rule "β←C"(1))
6554      apply "cqt:2[lambda]"
6555     apply (fact "cqt:2[const_var]"[axiom_inst])
6556    by (simp add: RN GEN "oth-class-taut:3:a")
6557  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6558  AOT_thus F ([F]x  [F]y)
6559    using "β→C"(1) by blast
6560qed
6561
6562AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6563proof (rule "→I"; rule "→I")
6564  AOT_assume F ([F]x  [F]y)
6565  AOT_hence F ([F]x  [F]y)
6566    using "ind-nec"[THEN "→E"] by blast
6567  moreover AOT_assume O!x & O!y
6568  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6569    using "&I" by blast
6570  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6571qed
6572
6573AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6574proof (rule "→I"; rule "→I")
6575  AOT_assume O!x & O!y
6576  moreover AOT_assume F ([F]x  [F]y)
6577  ultimately AOT_have x =E y
6578    using "ord=E:1" "→E" by blast
6579  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6580qed
6581
6582AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6583proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6584  AOT_assume 0: O!x & O!y
6585  AOT_assume x  y
6586  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6587  AOT_assume z z =E x] = z z =E y]
6588  moreover AOT_have z z =E x]x
6589    apply (rule "β←C"(1))
6590      apply "cqt:2[lambda]"
6591     apply (fact "cqt:2[const_var]"[axiom_inst])
6592    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6593  ultimately AOT_have z z =E y]x using "rule=E" by fast
6594  AOT_hence x =E y using "β→C"(1) by blast
6595  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6596  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6597next
6598  AOT_assume z z =E x]  z z =E y]
6599  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6600  AOT_have z z =E x] by "cqt:2[lambda]"
6601  AOT_hence z z =E x] = z z =E x]
6602    by (metis "rule=I:1")
6603  moreover AOT_assume x = y
6604  ultimately AOT_have z z =E x] = z z =E y]
6605    using "rule=E" by fast
6606  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6607    using 0 "&I" by blast
6608qed
6609
6610AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6611proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6612  AOT_assume 0: O!x & O!y
6613  AOT_assume x  y
6614  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6615  AOT_assume z z = x] = z z = y]
6616  moreover AOT_have z z = x]x
6617    apply (rule "β←C"(1))
6618    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6619     apply (fact "cqt:2[const_var]"[axiom_inst])
6620    by (simp add: "id-eq:1")
6621  ultimately AOT_have z z = y]x using "rule=E" by fast
6622  AOT_hence x = y using "β→C"(1) by blast
6623  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6624next
6625  AOT_assume 0: O!x & O!y
6626  AOT_assume z z = x]  z z = y]
6627  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6628  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6629  AOT_hence z z = x] = z z = x]
6630    by (metis "rule=I:1")
6631  moreover AOT_assume x = y
6632  ultimately AOT_have z z = x] = z z = y]
6633    using "rule=E" by fast
6634  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6635    using 1 "&I" by blast
6636qed
6637
6638AOT_theorem ordnecfail: O!x  ¬F x[F]
6639  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6640
6641AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6642proof (rule "→I"; rule "→I")
6643  AOT_assume 1: A!x & A!y
6644  AOT_assume F (x[F]  y[F])
6645  AOT_hence x[F]  y[F] for F using "∀E" by blast
6646  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6647  AOT_hence F (x[F]  y[F]) by (rule GEN)
6648  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6649  AOT_thus x = y
6650    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6651qed
6652
6653AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6654proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6655  AOT_assume 1: x = y
6656  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6657  moreover {
6658    AOT_assume F (x[F] & ¬y[F])
6659    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6660    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6661    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6662  }
6663  moreover {
6664    AOT_assume F (y[F] & ¬x[F])
6665    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6666    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6667    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6668  }
6669  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6670qed
6671
6672AOT_theorem "encoders-are-abstract": F x[F]  A!x
6673  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6674            "oa-contingent:3" "vdash-properties:1[2]")
6675
6676AOT_theorem "denote=:1": Hx x[H]
6677  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6678
6679AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6680  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6681
6682AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6683  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6684
6685AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6686  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6687
6688AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6689  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6690
6691AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6692  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6693
6694AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6695  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6696
6697AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6698  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6699
6700AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6701  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6702
6703AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6704  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6705
6706AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6707proof (rule "uniqueness:1"[THEN "≡dfI"])
6708  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6709    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6710  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6711  proof (rule "→I")
6712    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6713    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6714    AOT_hence β[F]  a[F] for F
6715      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6716    AOT_hence F (β[F]  a[F]) by (rule GEN)
6717    AOT_thus β = a
6718      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6719  qed
6720  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6721  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6722    using "∃I" using a_prop "&I" by fast
6723qed
6724
6725AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6726  using "A-objects!" by fast
6727
6728AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6729  using "A-objects!" by fast
6730
6731AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6732  using "A-objects!" by fast
6733
6734AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6735  using "A-objects!" by fast
6736
6737AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6738  using "A-objects!" by fast
6739
6740AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6741  using "A-objects!" by fast
6742
6743AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6744  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6745
6746AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6747  using "y-in:2" by blast
6748
6749AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6750proof(rule "→I")
6751  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6752  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6753    using "actual-desc:2"[THEN "→E"] by blast
6754  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6755  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6756qed
6757
6758AOT_act_theorem "desc-encode": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6759proof -
6760  AOT_have ιx(A!x & F (x[F]  φ{F}))
6761    by (simp add: "A-descriptions")
6762  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6763    using "y-in:3"[THEN "→E"] by blast
6764  AOT_thus ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6765    using "&E" "∀E" by blast
6766qed
6767
6768AOT_theorem "desc-nec-encode": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6769proof -
6770  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6771    by (simp add: "A-descriptions")
6772  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6773    using "actual-desc:4"[THEN "→E"] by blast
6774  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6775    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6776  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6777    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6778  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[G]  φ{G})
6779    using "∀E" by blast
6780  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6781    using "Act-Basic:5" "≡E"(1) by blast
6782  AOT_thus ιx(A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6783    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6784qed
6785
6786AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6787  by (rule "→I"; rule "desc-nec-encode"[THEN "≡E"(2)])
6788     (meson "nec-imp-act" "vdash-properties:10")
6789
6790AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6791proof(rule CP)
6792  AOT_assume φ{G}
6793  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6794  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6795  proof (rule RM; rule "→I")
6796    AOT_modally_strict {
6797      AOT_assume 1: φ{G}
6798      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6799      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6800      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6801        using "deduction-theorem" "≡I" by simp
6802    }
6803  qed
6804  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6805qed
6806
6807definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6808syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6809
6810AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6811  shows α (φ{α}  φ{α})
6812  using assms[unfolded rigid_condition_def] by auto
6813
6814AOT_theorem "strict-can:1[I]":
6815  assumes  α (φ{α}  φ{α})
6816  shows RIGID_CONDITION(φ)
6817  using assms rigid_condition_def by auto
6818
6819AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6820  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6821proof (rule "→I")
6822  AOT_assume a: A!x & F (x[F]  φ{F})
6823  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6824  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6825  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6826  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6827  ultimately AOT_have (x[F]  φ{F}) for F
6828    by (metis "&I" "sc-eq-box-box:5" "vdash-properties:6")
6829  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6830  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6831  AOT_thus ([A!]x & F (x[F]  φ{F}))
6832    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6833qed
6834
6835AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6836  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6837proof(rule "→I")
6838  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6839  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6840  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6841    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6842  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6843  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6844  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6845  AOT_hence y[F]  φ{F} for F
6846    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6847    by (metis "en-eq:10[1]" "≡E"(6))
6848  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6849  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6850qed
6851
6852AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6853  shows ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6854  using "desc-nec-encode" 
6855    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=G], THEN RN]]
6856    "≡E"(5) by blast
6857
6858AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6859  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6860
6861AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6862  "df-null-uni:2": Universal(x) df A!x & F x[F]
6863
6864AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
6865proof (rule "uniqueness:1"[THEN "≡dfI"])
6866  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
6867    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6868  AOT_have a_null: ¬a[F] for F
6869  proof (rule "raa-cor:2")
6870    AOT_assume a[F]
6871    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
6872    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
6873    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
6874  qed
6875  AOT_have Null(a) & β (Null(β)  β = a)
6876  proof (rule "&I")
6877    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
6878    AOT_thus Null(a)
6879      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
6880  next
6881    AOT_show β (Null(β)  β = a)
6882    proof (rule GEN; rule "→I")
6883      fix β
6884      AOT_assume a: Null(β)
6885      AOT_hence ¬F β[F]
6886        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6887      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
6888      AOT_have F (β[F]  a[F])
6889        apply (rule GEN; rule "≡I"; rule CP)
6890        using "raa-cor:3" β_null a_null by blast+
6891      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6892      ultimately AOT_show β = a
6893        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
6894    qed
6895  qed
6896  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
6897qed
6898
6899AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
6900proof (rule "uniqueness:1"[THEN "≡dfI"])
6901  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
6902    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6903  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
6904  AOT_hence Universal(a)
6905    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
6906  moreover AOT_have β (Universal(β)  β = a)
6907  proof (rule GEN; rule "→I")
6908    fix β
6909    AOT_assume Universal(β)
6910    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
6911    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
6912    AOT_hence F (β[F]  a[F]) by (rule GEN)
6913    AOT_thus β = a
6914      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
6915  qed
6916  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
6917    using "&I" "∃I" by fast
6918qed
6919
6920AOT_theorem "null-uni-uniq:3": ιx Null(x)
6921  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
6922
6923AOT_theorem "null-uni-uniq:4": ιx Universal(x)
6924  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
6925
6926AOT_define Null_object :: ‹κs (a)
6927  "df-null-uni-terms:1": a =df ιx Null(x)
6928
6929AOT_define Universal_object :: ‹κs (aV)
6930  "df-null-uni-terms:2": aV =df ιx Universal(x)
6931
6932AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
6933proof (rule "→I")
6934  AOT_assume Null(x)
6935  AOT_hence x_abs: A!x and x_null: ¬F x[F]
6936    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
6937  AOT_have ¬x[F] for F using x_null
6938    using "existential:2[const_var]" "reductio-aa:1"
6939    by metis
6940  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
6941  AOT_hence F ¬x[F] by (rule GEN)
6942  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
6943  moreover AOT_have F ¬x[F]  ¬F x[F]
6944    apply (rule RM)
6945    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
6946                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
6947  ultimately AOT_have ¬F x[F]
6948    by (metis "→E")
6949  moreover AOT_have A!x using x_abs
6950    using "oa-facts:2" "vdash-properties:10" by blast
6951  ultimately AOT_have r: (A!x & ¬F x[F])
6952    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6953  AOT_show Null(x)
6954    by (AOT_subst "«Null(x)»" "«A!x & ¬F x[F]»")
6955       (auto simp: "df-null-uni:1" "≡Df" r)
6956qed  
6957
6958AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
6959proof (rule "→I")
6960  AOT_assume Universal(x)
6961  AOT_hence x_abs: A!x and x_univ: F x[F]
6962    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
6963  AOT_have x[F] for F using x_univ "∀E" by blast
6964  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
6965  AOT_hence F x[F] by (rule GEN)
6966  AOT_hence F x[F] by (rule BF[THEN "→E"])
6967  moreover AOT_have A!x using x_abs
6968    using "oa-facts:2" "vdash-properties:10" by blast
6969  ultimately AOT_have r: (A!x & F x[F])
6970    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6971  AOT_show Universal(x)
6972    by (AOT_subst "«Universal(x)»" "«A!x & F x[F]»")
6973       (auto simp add: "df-null-uni:2" "≡Df" r)
6974qed
6975
6976AOT_theorem "null-uni-facts:3": Null(a)
6977  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
6978   apply (simp add: "null-uni-uniq:3")
6979  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
6980    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
6981  by blast
6982
6983AOT_theorem "null-uni-facts:4": Universal(aV)
6984  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
6985   apply (simp add: "null-uni-uniq:4")
6986  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
6987    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
6988  by blast
6989
6990AOT_theorem "null-uni-facts:5": a  aV
6991proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
6992    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
6993    rule "≡dfI"[OF "=-infix"];
6994    rule "raa-cor:2")
6995  AOT_obtain x where nullx: Null(x)
6996    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
6997              "null-uni-uniq:3" "rule-id-def:2:b[zero]")
6998  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
6999  AOT_assume ιx Null(x) = ιx Universal(x)
7000  AOT_hence 𝒜x(Null(x)  Universal(x))
7001    using "actual-desc:5"[THEN "→E"] by blast
7002  AOT_hence x 𝒜(Null(x)  Universal(x))
7003    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7004  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7005    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7006  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7007  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7008  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7009  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7010  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7011qed
7012
7013AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7014proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7015  AOT_show ιx([A!]x & F (x[F]  F  F))
7016    by (simp add: "A-descriptions")
7017next
7018  AOT_show a
7019    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7020       (simp add: "null-uni-uniq:3")
7021next
7022  AOT_have ιx([A!]x & F (x[F]  F  F))
7023    by (simp add: "A-descriptions")
7024  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7025    using "rule=I:1" by blast
7026  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7027    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7028    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-def:2:a[zero]" "vdash-properties:10")
7029    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7030next
7031  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7032  proof (rule GEN)
7033    fix F
7034    AOT_have ¬a[F]
7035      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7036         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7037                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7038                "raa-cor:2" "rule-id-def:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7039    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7040    proof(rule "raa-cor:2")
7041      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7042      AOT_hence 𝒜(F  F) using "desc-nec-encode"[THEN "≡E"(1), OF 0] by blast
7043      moreover AOT_have ¬𝒜(F  F)
7044        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7045      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7046    qed
7047    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7048      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7049  qed
7050qed
7051
7052AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7053proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7054  AOT_show ιx([A!]x & F (x[F]  F = F))
7055    by (simp add: "A-descriptions")
7056next
7057  AOT_show aV
7058    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7059       (simp add: "null-uni-uniq:4")
7060next
7061  AOT_have ιx([A!]x & F (x[F]  F = F))
7062    by (simp add: "A-descriptions")
7063  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7064    using "rule=I:1" by blast
7065  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7066    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7067    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-def:2:a[zero]" "vdash-properties:10")
7068    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7069next
7070  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7071  proof (rule GEN)
7072    fix F
7073    AOT_have aV[F]
7074      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7075      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-def:2:a[zero]" "rule-ui:3" by blast
7076    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7077      using "RA[2]" "desc-nec-encode" "id-eq:1" "≡E"(2) by fastforce
7078    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7079      using "deduction-theorem" "≡I" by simp
7080  qed
7081qed
7082
7083AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7084proof(rule GEN)
7085  fix R
7086  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7087    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7088  AOT_have a_enc: az [R]za]
7089  proof (rule "raa-cor:1")
7090    AOT_assume 0: ¬az [R]za]
7091    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7092      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7093                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7094         "cqt:2[lambda]"
7095    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7096      using "cqt-further:4" "vdash-properties:10" by blast
7097    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7098    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7099      by (metis "&I" "deduction-theorem" "raa-cor:3")
7100    moreover AOT_have z [R]za] = z [R]za]
7101      by (rule "=I") "cqt:2[lambda]"
7102    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7103    AOT_thus az [R]za] & ¬az [R]za]
7104      using 0 "&I" by blast
7105  qed
7106  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7107    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7108  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7109    using "∃E"[rotated] by blast
7110  AOT_have a  b
7111    apply (rule "≡dfI"[OF "=-infix"])
7112    using a_enc b_prop[THEN "&E"(2)]
7113    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7114  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7115    using b_prop "&E" a_prop "&I" by meson
7116  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7117  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7118qed
7119
7120AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7121proof(rule GEN)
7122  fix R
7123  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7124    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7125  AOT_have a_enc: az [R]az]
7126  proof (rule "raa-cor:1")
7127    AOT_assume 0: ¬az [R]az]
7128    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7129      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7130                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7131         "cqt:2[lambda]"
7132    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7133      using "cqt-further:4" "vdash-properties:10" by blast
7134    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7135    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7136      by (metis "&I" "deduction-theorem" "raa-cor:3")
7137    moreover AOT_have z [R]az] = z [R]az]
7138      by (rule "=I") "cqt:2[lambda]"
7139    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7140    AOT_thus az [R]az] & ¬az [R]az]
7141      using 0 "&I" by blast
7142  qed
7143  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7144    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7145  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7146    using "∃E"[rotated] by blast
7147  AOT_have a  b
7148    apply (rule "≡dfI"[OF "=-infix"])
7149    using a_enc b_prop[THEN "&E"(2)]
7150    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7151  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7152    using b_prop "&E" a_prop "&I" by meson
7153  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7154  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7155qed
7156
7157AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7158proof(rule GEN)
7159  fix R
7160  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7161    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7162  AOT_have z [R]a] by "cqt:2[lambda]"
7163  (* TODO: S should no longer be necessary *)
7164  then AOT_obtain S where S_def: S = z [R]a]
7165    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7166  AOT_have a_enc: a[S]
7167  proof (rule "raa-cor:1")
7168    AOT_assume 0: ¬a[S]
7169    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7170      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7171                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7172    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7173      using "cqt-further:4" "vdash-properties:10" by blast
7174    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7175    AOT_hence (A!a & S = z [R]a])  a[S]
7176      by (metis "&I" "deduction-theorem" "raa-cor:3")
7177    moreover AOT_have S = z [R]a] using S_def .
7178    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7179    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7180  qed
7181  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7182    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7183  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7184    using "∃E"[rotated] by blast
7185  AOT_have 1: a  b
7186    apply (rule "≡dfI"[OF "=-infix"])
7187    using a_enc b_prop[THEN "&E"(2)]
7188    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7189  AOT_have a:  [R]a] = ([R]a)
7190    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7191    by (meson "log-prop-prop:2")
7192  AOT_have b:  [R]b] = ([R]b)
7193    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7194    by (meson "log-prop-prop:2")
7195  AOT_have  [R]a] =  [R]b]
7196    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7197    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7198    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7199     apply (rule "rule=E"[rotated, OF S_def])
7200    using b_prop "&E" apply blast
7201    apply (safe intro!: "&I")
7202    by (simp add: "log-prop-prop:2")+
7203  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7204    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7205  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7206  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7207qed
7208
7209AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7210proof -
7211  AOT_have x y ([A!]x & [A!]y & x  y &
7212               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7213    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7214       "cqt:2[lambda]"
7215  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7216               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7217    using "∃E"[rotated] by blast
7218  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7219               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7220    using "∃E"[rotated] by blast
7221  AOT_have z xy F ([F]x  [F]y)]zx]x
7222    apply (rule "β←C"(1))
7223      apply "cqt:2[lambda]"
7224     apply (fact "cqt:2[const_var]"[axiom_inst])
7225    apply (rule "β←C"(1))
7226      apply "cqt:2[lambda]"
7227    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7228    by (simp add: "oth-class-taut:3:a" "universal-cor")
7229  AOT_hence z xy F ([F]x  [F]y)]zy]x
7230    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7231  AOT_hence xy F ([F]x  [F]y)]xy
7232    by (rule "β→C"(1))
7233  AOT_hence F ([F]x  [F]y)
7234    using "β→C"(1) old.prod.case by fast
7235  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7236  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7237  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7238qed
7239
7240AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7241proof(rule "≡I"; rule "→I")
7242  AOT_assume x φ{x}]
7243  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7244  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7245  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7246    AOT_modally_strict {
7247      fix x y
7248      AOT_assume 0: x φ{x}]
7249      moreover AOT_assume F([F]x  [F]y)
7250      ultimately AOT_have x φ{x}]x  x φ{x}]y
7251        using "∀E" by blast
7252      AOT_thus (φ{x}  φ{y})
7253        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7254    }
7255  qed
7256  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7257    using "→E" by blast
7258next
7259  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7260  proof(rule "RM:1"; rule "→I"; rule GEN)
7261    AOT_modally_strict {
7262      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7263      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7264        using "∀E"(2) "→E" that by blast
7265      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7266      proof (rule "raa-cor:1")
7267        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7268        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7269          using "≡E"(1) "oth-class-taut:4:h" by blast
7270        moreover {
7271          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7272          AOT_obtain a where F([F]a  [F]y) & φ{a}
7273            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7274          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7275          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7276        }
7277        moreover {
7278          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7279          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7280            using "&E"(1) "cqt-further:4" "→E" by blast
7281          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7282          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7283            using "≡E"(1) "oth-class-taut:5:c" by blast
7284          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7285          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7286          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7287        }
7288        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7289      qed
7290    }
7291  qed
7292  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7293  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7294    using "→E" by blast
7295  AOT_thus x φ{x}]
7296    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7297qed
7298
7299AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7300proof(rule "≡I"; rule "→I")
7301  AOT_assume x1...xn φ{x1...xn}]
7302  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7303  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7304  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7305    AOT_modally_strict {
7306      fix x1xn y1yn :: 'a AOT_var›
7307      AOT_assume 0: x1...xn φ{x1...xn}]
7308      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7309      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7310        using "∀E" by blast
7311      AOT_thus (φ{x1...xn}  φ{y1...yn})
7312        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7313    }
7314  qed
7315  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7316    using "→E" by blast
7317next
7318  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7319            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7320  proof(rule "RM:1"; rule "→I"; rule GEN)
7321    AOT_modally_strict {
7322      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7323      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7324        using "∀E"(2) "→E" that by blast
7325      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7326      proof (rule "raa-cor:1")
7327        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7328        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7329                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7330          using "≡E"(1) "oth-class-taut:4:h" by blast
7331        moreover {
7332          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7333          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7334            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7335          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7336          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7337        }
7338        moreover {
7339          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7340          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7341            using "&E"(1) "cqt-further:4" "→E" by blast
7342          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7343          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7344            using "≡E"(1) "oth-class-taut:5:c" by blast
7345          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7346            by (simp add: "oth-class-taut:3:a" "universal-cor")
7347          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7348          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7349        }
7350        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7351      qed
7352    }
7353  qed
7354  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7355  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7356    using "→E" by blast
7357  AOT_thus x1...xn φ{x1...xn}]
7358    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7359qed
7360
7361AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7362proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7363  fix x y
7364  AOT_assume x φ{x}]
7365  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7366    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7367  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7368    using CBF[THEN "→E"] by blast
7369  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7370    using "∀E" by blast
7371  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7372    using CBF[THEN "→E"] by blast
7373  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7374    using "∀E" by blast
7375  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7376    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7377  moreover AOT_assume F([F]x  [F]y)
7378  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7379qed
7380
7381AOT_theorem "kirchner-thm-cor:2":
7382  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7383proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7384  fix x1xn y1yn
7385  AOT_assume x1...xn φ{x1...xn}]
7386  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7387    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7388  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7389  proof(rule GEN; rule GEN)
7390    fix x1xn y1yn
7391    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7392      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7393      using "∀E" by blast
7394  qed
7395  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7396    using "∀E" by blast
7397  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7398    using "∀E" by blast
7399  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7400    using "∀E" by blast
7401  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7402    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7403  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7404  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7405  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7406    using "∀E" by blast
7407  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7408    apply (rule "β←C"(1))
7409      apply "cqt:2[lambda]"
7410     apply (fact "cqt:2[const_var]"[axiom_inst])
7411    by (simp add: RN GEN "oth-class-taut:3:a")
7412  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7413  AOT_hence F ([F]x1...xn  [F]y1...yn)
7414    using "β→C"(1) by blast
7415  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7416qed
7417
7418AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7419  "prop-prop1": Propositional([F]) df p(F = y p])
7420
7421AOT_theorem "prop-prop2:1": p y p]
7422  by (rule GEN) "cqt:2[lambda]"
7423
7424AOT_theorem "prop-prop2:2": ν φ]
7425  by "cqt:2[lambda]"
7426
7427AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7428proof (rule "→I")
7429  AOT_assume 0: F = y p]
7430  AOT_show x([F]x  p)
7431    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7432      "cqt:2[lambda]"
7433qed
7434
7435AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7436proof(rule "→I")
7437  AOT_assume Propositional([F])
7438  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7439  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7440  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7441  AOT_hence p (F = y p]) using "∃I" by fast
7442  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7443  AOT_show Propositional([F])
7444    apply (AOT_subst «Propositional([F])» «p (F = y p])»)
7445     using "prop-prop1" "≡Df" apply presburger
7446    by (fact 0)
7447qed
7448
7449AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7450  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7451
7452AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7453proof(rule "→I")
7454  AOT_assume Propositional([Π])
7455  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7456  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7457  AOT_show Indiscriminate([Π])
7458  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7459    AOT_show Π
7460      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7461  next
7462    AOT_show (x [Π]x  x [Π]x)
7463    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7464      AOT_modally_strict {
7465        AOT_assume x y p]x
7466        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7467        AOT_hence 0: p by (metis "β→C"(1))
7468        AOT_show y p]x for x
7469          apply (rule "β←C"(1))
7470            apply "cqt:2[lambda]"
7471           apply (fact "cqt:2[const_var]"[axiom_inst])
7472          by (fact 0)
7473      }
7474    qed
7475  qed
7476qed
7477
7478AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7479proof (rule "→I")
7480  AOT_assume Necessary([F])
7481  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7482  AOT_show Indiscriminate([F])
7483    by (rule "≡dfI"[OF "prop-indis"])
7484       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7485qed
7486
7487AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7488proof (rule "→I")
7489  AOT_modally_strict {
7490    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7491      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7492  }
7493  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7494    by (rule "RM:1")
7495  AOT_assume Impossible([F])
7496  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7497  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7498  AOT_show Indiscriminate([F])
7499    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7500       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7501qed
7502
7503AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7504proof(rule "raa-cor:2")
7505  AOT_assume Indiscriminate([E!])
7506  AOT_hence 0: (x [E!]x  x [E!]x)
7507    using "≡dfE"[OF "prop-indis"] "&E" by blast
7508  AOT_hence x [E!]x  x [E!]x
7509    using "KBasic:13" "vdash-properties:10" by blast
7510  moreover AOT_have x [E!]x
7511    by (simp add: "thm-cont-e:3")
7512  ultimately AOT_have x [E!]x
7513    by (metis "vdash-properties:6")
7514  AOT_thus p & ¬p for p
7515    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7516qed
7517
7518AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7519proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7520  AOT_assume Indiscriminate(x ¬[E!]x])
7521  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7522    using "≡dfE"[OF "prop-indis"] "&E" by blast
7523  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7524    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7525  moreover AOT_have x x ¬[E!]x]x
7526    apply (AOT_subst λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7527    apply (rule "beta-C-meta"[THEN "→E"])
7528     apply "cqt:2[lambda]"
7529    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7530  ultimately AOT_have 1: x x ¬[E!]x]x
7531    by (metis "vdash-properties:6")
7532  AOT_have x ¬[E!]x
7533    apply (AOT_subst_rev λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7534    apply (rule "beta-C-meta"[THEN "→E"])
7535     apply "cqt:2[lambda]"
7536    by (fact 1)
7537  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7538  moreover AOT_obtain a where abs_a: O!a
7539    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7540  ultimately AOT_have ¬[E!]a using "∀E" by blast
7541  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7542  AOT_have A!a
7543    apply (rule "=dfI"(2)[OF AOT_abstract])
7544     apply "cqt:2[lambda]"
7545    apply (rule "β←C"(1))
7546      apply "cqt:2[lambda]"
7547    using "cqt:2[const_var]"[axiom_inst] apply blast
7548    by (fact 2)
7549  AOT_thus p & ¬p for p using abs_a
7550    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7551qed
7552
7553AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7554proof(rule "raa-cor:2")
7555  AOT_assume Indiscriminate(O!)
7556  AOT_hence 0: (x O!x  x O!x)
7557    using "≡dfE"[OF "prop-indis"] "&E" by blast
7558  AOT_hence x O!x  x O!x
7559    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7560  moreover AOT_have x O!x
7561    using "o-objects-exist:1" by blast
7562  ultimately AOT_have x O!x
7563    by (metis "vdash-properties:6")
7564  AOT_thus p & ¬p for p
7565    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7566qed
7567
7568AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7569proof(rule "raa-cor:2")
7570  AOT_assume Indiscriminate(A!)
7571  AOT_hence 0: (x A!x  x A!x)
7572    using "≡dfE"[OF "prop-indis"] "&E" by blast
7573  AOT_hence x A!x  x A!x
7574    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7575  moreover AOT_have x A!x
7576    using "o-objects-exist:2" by blast
7577  ultimately AOT_have x A!x
7578    by (metis "vdash-properties:6")
7579  AOT_thus p & ¬p for p
7580    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7581qed
7582
7583AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7584  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7585
7586AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7587  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7588
7589AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7590  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7591
7592AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7593  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7594
7595AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7596proof(rule "→I")
7597  AOT_assume p (F = y p])
7598  AOT_hence p (F = y p])
7599    by (metis "BF◇" "vdash-properties:10")
7600  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7601  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7602  AOT_thus p(F = y p]) by (rule "∃I")
7603qed
7604
7605AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7606proof(rule "→I")
7607  AOT_assume p (F  y p])
7608  AOT_hence (F  y p]) for p
7609    using "∀E" by blast
7610  AOT_hence (F  y p]) for p
7611    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7612  AOT_hence p (F  y p]) by (rule GEN)
7613  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7614qed
7615
7616AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7617proof(rule "→I")
7618  AOT_assume p (F = y p])
7619  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7620  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7621  AOT_hence p(F = y p]) by (rule "∃I")
7622  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7623qed
7624
7625AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7626proof(rule "→I")
7627  AOT_assume p (F  y p])
7628  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7629  AOT_hence (F  y p]) for p
7630    using "∀E" by blast
7631  AOT_hence F  y p] for p
7632    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7633  AOT_thus p (F  y p]) by (rule GEN)
7634qed
7635
7636AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7637proof(rule "→I"; rule GEN; rule "→I")
7638  fix F
7639  AOT_assume F (x[F]  p(F = y p]))
7640  AOT_hence F (x[F]  p(F = y p]))
7641    using "Buridan◇" "vdash-properties:10" by blast
7642  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7643  AOT_assume x[F]
7644  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7645  AOT_hence p(F = y p])
7646    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7647  AOT_thus p(F = y p])
7648    using "prop-prop-nec:1"[THEN "→E"] by blast
7649qed
7650
7651AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7652  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7653  by blast
7654
7655(*<*)
7656end
7657(*>*)